Using #NetworkFirewall and #Route53 #DNS #Firewall to protect a private subnet’s egress traffic in #AWS

Hi Jon, quick question. Would this solution stop outbound traffic that only has an IP address in the host header? i.e. the compromised service is trying to reach a C&C server using its IP address rather than a host/domain name which can be caught at either of the DNS filtering points in the architecture?