Layer 4

To prevent more sophisticated network attacks, we need to allow firewalling at the transport layer. Layer 4 firewalls can get some insight into the types of packets being sent and can prevent any kind of malformed packets being dropped at the perimeter where the firewall operates. Layer 4 firewalls also have the ability to maintain session state and, therefore, much easier to manage since once we open the incoming port, the return response will be allowed, no matter what port the return comes from. In AWS security groups, the operating system firewall, AWS Shield, and AWS WAF all play a role in stopping layer 4 attacks and provide a multi layered approach to network security.