AWS Network Firewall vs WAF vs Security Groups vs NACLs
AWS Network Firewall is stateful, fully managed, network firewall and intrusion detection and prevention service (IDS/IPS) for VPCs.
AWS WAF is a web application firewall that helps protect web applications from attacks by allowing rules configuration that allow, block, or monitor (count) web requests based on defined conditions.
Security groups act as a virtual firewall for associated instances, controlling both inbound and outbound traffic at the instance level
Network access control lists (NACLs) act as a firewall for associated subnets, controlling both inbound and outbound traffic at the subnet level
https://jayendrapatil.com/aws-network-firewall-vs-waf-vs-security-groups-vs-nacls/
