Network Firewall Quick Start Guide
Learn how to get started using the Network Firewall service.
Prerequisites
1. Create a Policy
Create a policy to contain all the rules that control how the firewall inspects, allows, or denies network traffic.
- See Create a Firewall Policy for instructions.
2. (Optional) Create Policy Components and Rules
Use policy components such as lists and profiles to help you build rules. You can use application lists, service lists, URL lists, and address lists to build security and decryption rules. Use mapped secrets to with decryption profiles to define rule actions in decryption rules. Decryption rules are enforced before security rules. If you don't create rules in a policy, then any network firewall it's attached to denies all traffic by default.
- See Creating and Managing Firewall Policy Components for more information about each component type and instructions about how to create individual components.
- See Bulk Import Firewall Policy Components for instructions about how to bulk upload components.
3. Create a Firewall and Attach the Policy
The firewall exists in a subnet of choice and controls incoming and outgoing network traffic based on the security rules in an attached policy. If no rules exist in the attached policy, the firewall denies all traffic by default.
- See Create a Firewall for instructions.
4. Route Network Traffic to the Firewall
After the network firewall is created, route traffic to it.
- See Routing Traffic to a Network Firewall for routing scenarios and instructions.