Web Application Firewall from AWS

Web Application Firewall from AWS

Web attacks cause extensive damage to business not only financially, but more from customer experience point of view as it has long-term implications on the brand.

AWS’ Web Application Firewall (WAF) has been designed to allow control over what kind of traffic to allow or deny to your application by easily defining customizable security rules.

All applications are vulnerable to malicious attacks from unscrupulous hackers. Attacks cause extensive damage to business not only financially, but more from customer experience point of view as it has long-term implications on the brand. A malicious attack can make your site unavailable during a high-visibility campaign, or induce a huge spike in resource utilization sending your costs haywire or it can breach your host and cause extensive damage to your application.

AWS’ Web Application Firewall (WAF) has been designed to allow control over what kind of traffic to allow or deny to your application by easily defining customizable security rules. WAF can implement firewalls policies based on IP addresses, HTTP headers, HTTP body or URI strings to protect your application against custom attack patterns including denial of service attacks, cross-site scripting and SQL injections. WAF allows you to be agile and responsive to attacks as new scripts can be deployed within seconds.

Using WAF has no upfront cost, you only pay for the number of rules you deploy and the number of web requests your application receives.

The biggest advantage of WAF is that you can apply WAF rules at the AWS CloudFront endpoints— CloudFront is AWS’ cloud distribution network. This means you have built firewalls far away from your servers at the distribution end-points, adding another layer of defence.

You can easily configure rules in WAF using Management console, so you can define application-specific rules while designing the application, while DevOps can define it during deployment and security experts can add yet another layer—allowing you to build multiple layers of defence for your application.

AWS WAF gives greater visibility and control over your web application, by providing you with real- visibility into the application. This enables you to create new rules or alerts on CloudWatch, so you can exercise tighter control over the application.