AWS Web Application Firewall and Inspector
Keeping your apps and cloud servers secured should be less challenging now. AWS offers two new services.Amazon Inspector and Web Application Firewall.
What is Amazon Inspector?.
Amazon inspector is used to check your server and application environment for security vulnerabilities based on predefined rules and known vulnerabilities. It will assess your cloud servers (EC2 instances) covering Operating System , Storage , network and also your application.
You will have to install an agent on your server for the AWS inspector to assess and report findings including vulnerabilities.
What is AWS Web Application Firewall works ?.
AWS WAF is like any other web application firewall (WAF) protecting your application from attacks like SQL injection, cross scripting ,web exploits,etc.
Instead of relying on costly third party tools , you can use the firewall to secure your application.
How to set up WAF?.
AWS Web Application Firewall provides an easy to use interface from within AWS console to setup the WAF.It can be deployed with a few clicks. OfCourse some understanding of the protocols, ports and rules will help to set it up correctly.
First , you define conditions at IP level or at http header level(e.g IP x.x.x.x or http header containing specific host). Next you defined the rules to block or allow the traffic based on those conditions.
Requests to you application will be allowed or blocked as per the rules defined. You can have multiple rules with different conditions.
If you are using AWS to host your application then it must be worth setting it up and securing your application.
WAF can be deployed only if you are using AWS Cloudfront(content caching) service to deliver your application.The charges are based on the number of ACL’s(access control list) and rules defined. Charges start from as low as $10 per month.
We think WAF is a very useful addition to the AWS services. Many small businesses were concerned about securing their application, but were not able to afford costly third party tools or services. For them this should be a simple , reliable and a cost effective option.
Have more questions ? Reach us, using the form link given below.
Connect with Saif @ https://in.linkedin.com/in/syedsaif
For any queries reach us at email@example.com | Use the Form