Which AWS service is deployed to VPCs and provides protection from common network threats?

Explanations:

AWS Shield is a managed DDoS protection service, primarily focused on protecting applications from distributed denial-of-service attacks, rather than general network threats within a VPC.

AWS WAF (Web Application Firewall) protects web applications from common web exploits but is not specifically designed for network-level protection within a VPC.

AWS Network Firewall is specifically designed for VPCs to protect against common network threats. It allows users to define network traffic filtering rules and provides protection against unwanted network access.

AWS Firewall Manager is a security management service that allows for centralized management of firewall rules across AWS accounts but does not provide direct protection itself; it manages other firewall services like AWS WAF and AWS Network Firewall.