lacework-global-145
Network ACLs do not allow unrestricted inbound traffic
Description
A Network ACL acts as a stateless, virtual firewall that controls traffic at the subnet level. The default Network ACL associated with a VPC allows all inbound and outbound traffic. For security purposes, it is recommended to restrict inbound Network ACL rules to the source ranges and ports that are actually required, rather than allowing all traffic from 0.0.0.0/0 or ::/0.
Remediation
Log in to the AWS Management Console.
Select Services.
Select VPC.
Select Network ACLs.
Select the Network ACL to edit.
Select Edit inbound rules.
For each rule, restrict access to only the appropriate port or port range.
Select Save changes.
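The console steps above fix one Network ACL at a time. To find every ACL in scope before editing, the same rule can be checked programmatically against the output of `aws ec2 describe-network-acls`. The following Python is an added example and is not Lacework's policy engine or AWS code; the ACL IDs and rule entries in the sample data are constructed for illustration and mirror the `NetworkAcls[].Entries[]` shape of the API response. It flags inbound (`Egress: false`) allow rules whose source is `0.0.0.0/0` or `::/0` and whose scope is all protocols or a full TCP/UDP port range.

```python
"""Flag Network ACL inbound entries that allow unrestricted traffic.

Input mirrors `aws ec2 describe-network-acls --query NetworkAcls --output json`.
SAMPLE_ACLS below is constructed test data, not real account output.
"""
import json
import sys

ANY_IPV4 = "0.0.0.0/0"
ANY_IPV6 = "::/0"
ALL_PROTOCOLS = "-1"
PORT_PROTOCOLS = {"6", "17"}  # TCP and UDP carry a PortRange


def _is_any_source(entry):
    """True when the rule matches every IPv4 or IPv6 source."""
    return entry.get("CidrBlock") == ANY_IPV4 or entry.get("Ipv6CidrBlock") == ANY_IPV6


def _is_all_ports(entry):
    """True when the rule is not narrowed to a specific port or port range."""
    protocol = entry.get("Protocol")
    if protocol == ALL_PROTOCOLS:
        return True
    if protocol not in PORT_PROTOCOLS:
        return False  # ICMP and other protocols have no port concept
    port_range = entry.get("PortRange")
    if port_range is None:
        return True  # a TCP/UDP rule without a PortRange is unrestricted
    return port_range.get("From", 0) <= 0 and port_range.get("To", 65535) >= 65535


def find_unrestricted_ingress(network_acls):
    """Return (NetworkAclId, RuleNumber) for each inbound allow-all rule.

    Entries are walked in ascending RuleNumber order, which is the order AWS
    evaluates them. A lower-numbered deny could shadow an allow-all, but the
    check still reports the allow-all so the rule itself gets tightened
    instead of relying on rule ordering. The implicit default entry
    (RuleNumber 32767) is a deny and therefore never reported.
    """
    findings = []
    for acl in network_acls:
        for entry in sorted(acl.get("Entries", []), key=lambda e: e["RuleNumber"]):
            if entry.get("Egress"):
                continue  # only inbound rules are in scope for this policy
            if entry.get("RuleAction") != "allow":
                continue
            if _is_any_source(entry) and _is_all_ports(entry):
                findings.append((acl["NetworkAclId"], entry["RuleNumber"]))
    return findings


# Constructed sample: a default-style ACL (allow all), a compliant ACL, and
# an ACL that opens every TCP port to all IPv6 sources.
SAMPLE_ACLS = [
    {
        "NetworkAclId": "acl-0example1",  # hypothetical ID
        "Entries": [
            {"RuleNumber": 100, "Protocol": "-1", "RuleAction": "allow",
             "Egress": False, "CidrBlock": "0.0.0.0/0"},
            {"RuleNumber": 100, "Protocol": "-1", "RuleAction": "allow",
             "Egress": True, "CidrBlock": "0.0.0.0/0"},
            {"RuleNumber": 32767, "Protocol": "-1", "RuleAction": "deny",
             "Egress": False, "CidrBlock": "0.0.0.0/0"},
        ],
    },
    {
        "NetworkAclId": "acl-0example2",  # hypothetical ID
        "Entries": [
            {"RuleNumber": 100, "Protocol": "6", "RuleAction": "allow",
             "Egress": False, "CidrBlock": "0.0.0.0/0",
             "PortRange": {"From": 443, "To": 443}},
            {"RuleNumber": 110, "Protocol": "-1", "RuleAction": "allow",
             "Egress": False, "CidrBlock": "10.0.0.0/16"},
            {"RuleNumber": 32767, "Protocol": "-1", "RuleAction": "deny",
             "Egress": False, "CidrBlock": "0.0.0.0/0"},
        ],
    },
    {
        "NetworkAclId": "acl-0example3",  # hypothetical ID
        "Entries": [
            {"RuleNumber": 100, "Protocol": "6", "RuleAction": "allow",
             "Egress": False, "Ipv6CidrBlock": "::/0",
             "PortRange": {"From": 0, "To": 65535}},
            {"RuleNumber": 32767, "Protocol": "-1", "RuleAction": "deny",
             "Egress": False, "Ipv6CidrBlock": "::/0"},
        ],
    },
]


if __name__ == "__main__":
    # Pipe real output in with: aws ec2 describe-network-acls --query NetworkAcls --output json | python3 check_nacl.py -
    acls = json.load(sys.stdin) if len(sys.argv) > 1 and sys.argv[1] == "-" else SAMPLE_ACLS
    for acl_id, rule_number in find_unrestricted_ingress(acls):
        print(f"{acl_id}: inbound rule {rule_number} allows all ports from any source")
```

On the sample data the check reports rule 100 of acl-0example1 and rule 100 of acl-0example3; acl-0example2 passes because its only any-source rule is limited to TCP 443. When tightening rules, keep in mind that Network ACLs are stateless: inbound rules for response traffic to connections initiated from the subnet (typically the ephemeral port range) still have to be allowed explicitly, so narrow the rules to required ports rather than removing inbound allows wholesale.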