
More and more businesses are taking advantage of the many benefits of cloud computing by moving their data and workloads to the cloud. Chief among these is security. Public clouds are always perceived as safe: after all, cloud providers owe it to their clients, and to the success of their own business, to ensure security. AWS, for one, takes security very seriously, to the extent of meeting regulatory compliance requirements for several industries. But cloud security must never be taken for granted. AWS itself has always defined security in the cloud as a shared responsibility, which means that you, as the customer, must ensure preventive measures are put in place to keep your workloads and data safe from cyber threats. One of the fundamental solutions that AWS offers to protect your web applications is AWS WAF (Web Application Firewall).

As its name suggests, AWS WAF is a firewall that acts as a protective wall between your workloads and malicious cyber activities such as SQL injection and cross-site scripting. It is highly customizable, allowing you to configure rules that permit or block requests based on conditions you set as filters, e.g. IP addresses or HTTP headers.

And you don’t need to set up separate servers to manage the firewall; AWS WAF is designed for integration with supported services. Every time a supported service receives a request for your web application, the request is redirected to WAF. The firewall compares it against the pre-set parameters to see whether it complies with the rules that have been set. If the request doesn’t meet the stipulated conditions, it gets blocked. If it does meet the preconfigured rules, the request is granted.

Deploying WAF

WAF can be deployed with other AWS services, like CloudFront, Amazon API Gateway and ALB. Each has a different use and meets a different objective.

Deploying with AWS CloudFront

Deploying WAF with CloudFront makes it part of your CDN. It will protect content at the origin as well as resources that are cached at edge locations.

Deploying with AWS Application Load Balancer (ALB)

Deployment with ALB provides protection for the instances running behind the load balancer.

Deploying with AWS API Gateway

Deploying AWS WAF with API Gateway protects the REST APIs from web-based threats.

Setting up AWS WAF

Before setting up WAF, you will need to create a web Access Control List (web ACL). The list should include the rule or rules that specify which requests to allow and which to block. You have the leeway to create your own rule sets as you need, or to adopt the managed rule groups that are offered by AWS and AWS Marketplace sellers.

You can also write specific rate-based rules; for instance, blocking an IP address whose requests cross the pre-set limit within a specified time period (e.g. more than 1000 times in a three minute period).

Rate-based and regular rules can be included in the same set, giving the user added flexibility.
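
A simplified model of how a web ACL that mixes regular and rate-based rules decides on a request, added here as an illustration; it is not AWS code and does not use the AWS WAF API. The rule names, the sample IP ranges, the User-Agent rule and the first-match-wins ordering are assumptions of the model; the limit reuses the article's example of 1000 requests in three minutes.

```python
from collections import defaultdict, deque
from ipaddress import ip_address, ip_network

# Constructed values: the limit and window mirror the article's example
# (more than 1000 requests in a three-minute period).
RATE_LIMIT, WINDOW_SECONDS = 1000, 180
BLOCKED_NETS = [ip_network("198.51.100.0/24")]  # constructed sample range


class WebAcl:
    """Simplified model of a web ACL: rules run in order, first match wins."""

    def __init__(self, default_action="ALLOW"):
        self.default_action = default_action
        self.hits = defaultdict(deque)  # source IP -> recent request times

    def _ip_rule(self, req):
        # Regular rule on the source IP address.
        src = ip_address(req["ip"])
        return "BLOCK" if any(src in net for net in BLOCKED_NETS) else None

    def _header_rule(self, req):
        # Regular rule on an HTTP header: block requests with no User-Agent.
        return None if req.get("headers", {}).get("User-Agent") else "BLOCK"

    def _rate_rule(self, req):
        # Rate-based rule: count this IP's requests inside the time window.
        window = self.hits[req["ip"]]
        window.append(req["time"])
        # Drop timestamps that have aged out of the window.
        while window and window[0] <= req["time"] - WINDOW_SECONDS:
            window.popleft()
        return "BLOCK" if len(window) > RATE_LIMIT else None

    def evaluate(self, req):
        """Return (action, rule_name) for one request dict."""
        rules = [("ip-block", self._ip_rule), ("ua-required", self._header_rule),
                 ("rate-limit", self._rate_rule)]
        for name, rule in rules:
            action = rule(req)
            if action:
                return action, name
        return self.default_action, "default"


def replay(acl, ip, count, start=0.0, step=0.1):
    """Send `count` constructed requests from one IP; return the actions."""
    hdr = {"User-Agent": "example-client/1.0"}
    return [acl.evaluate({"ip": ip, "time": start + i * step, "headers": hdr})[0]
            for i in range(count)]
```

In this model a source IP is blocked only while its count inside the window stays above the limit, so the same client is allowed again once its earlier requests age out.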

WAF Pricing

AWS’s pay-as-you-go model includes AWS WAF too. As in other AWS services that offer this pricing model, there are no upfront commitments. There are however different cost components, for instance: monthly charge per web ACL, monthly charge per rule added to web ACL, and monthly cost per million requests processed.

Although AWS levies no additional charges to use managed rules or rate-based rules, if you are using third-party managed rules you will be liable for charges as set by the seller.


Security in the cloud is not a luxury but a necessity, and organizations must ensure that their security wall is set up before they migrate any of their workloads to their cloud setup. AWS WAF, which integrates smoothly with other AWS services, is the preferred choice to protect workloads in the cloud, thanks to its simple set-up, transparent pricing and usability.
