From the course: AWS Certified Security - Specialty (SCS-C03) Cert Prep


Security Groups and Network ACLs


In this lesson, I'm going to cover security groups and network ACLs. These are both types of firewall that we can use on AWS to protect our EC2 instances and databases and other services that sit inside an Amazon VPC. Now, firstly, I need to cover the difference between what we call a stateful and a stateless firewall. So here we have a web server on the left-hand side and a client on the right-hand side who wants to access that web service. And you can see the IP addresses associated with these two different computers. So what happens is, because it's a web server, it's going to listen on port 80. That's the well-known port for the unsecured version of HTTP. So the connection goes over at port 80. And there's a source port. Now the source port is dynamically allocated by the operating system of the client. And it's a high-numbered port. So it's not one of the well-known ports, which sit somewhere between one and 1024. It's one of the high-numbered ports that is dynamically assigned. So we…
