ACLs perform stateless packet filtering (Always check packets)
Account's Default ACL: Allow all In and out traffic
Customer ACL: Only allow what is defined rest is deny
-------------------------------------------------------------------------
Security Groups perform stateful packet filtering (Remember previous decision for the packet)
By Default
Deny all In
Allow all out
-------------------------------------------------------------------------
No comments:
Post a Comment