AWS Network Firewall is a resilient, scalable, fully managed service that makes it easy to deploy advanced network protections for all of your Amazon Virtual Private Clouds (VPCs). The AWS Network Firewall flexible rules engine provides Layer 7 firewall capabilities and deep packet inspection, while active threat defense applies AWS managed rules that are designed to block evasive command-and-control channels, malicious URLs, and other threat vectors. Since AWS Network Firewall is a fully managed service, you don't have to worry about deploying and managing any infrastructure, handling version upgrades, maintenance or patching.