AWS WAF – Web Application Firewall

AWS WAF is a highly configurable and scalable Web Application Firewall that provides a first line of defense against application-level threats.

AWS WAF is a web application firewall that helps protect your web applications or APIs from common web exploits that can affect availability, compromise security, or consume excessive resources, which often results in out-of-control costs. AWS WAF gives you control over how traffic reaches applications by allowing you to create security rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules that filter out specific traffic patterns.


Among the most important attacks the WAF handles are, for example, those in the OWASP Top 10 (https://owasp.org/Top10/it/), which represent the greatest dangers to the security of web applications:

2021 OWASP Top Ten

You can deploy AWS WAF on Amazon CloudFront as part of a CDN solution, on an Application Load Balancer in front of web servers or origin servers running on EC2, on Amazon API Gateway for your REST APIs, or on AWS AppSync for your GraphQL APIs. With AWS WAF, pricing is calculated based on actual usage: the number of web ACLs, the number of rules deployed, and the number of web requests inspected.

BENEFITS

Agile Protection Against Web Attacks

AWS WAF rule updates propagate in less than a minute, allowing you to quickly update security across your environment in the event of a problem. WAF supports hundreds of rules that can inspect any part of the web request with minimal latency impact on incoming traffic. AWS WAF protects web applications from attacks by filtering traffic based on the configured rules. For example, you can filter on any part of the web request, such as IP addresses, HTTP headers, HTTP body, or URI strings. This allows you to block common attack patterns, such as SQL injection or cross-site scripting.

Save time with managed rules

With Managed Rules for AWS WAF, you can get started quickly and protect your web application or API from common threats. You can select from many types of rules, such as those that address the Open Web Application Security Project (OWASP) Top 10 security risks, threats specific to content management systems (CMS), or known Common Vulnerabilities and Exposures (CVEs). Managed rules are updated automatically as new issues emerge, so you can focus on building applications.


CriticalCase's approach and Best Practices

CriticalCase, as an AWS partner, has developed strong expertise in implementing AWS WAF in different contexts. Thanks to years of experience gained on multiple projects, we have developed a series of best practices for installing, configuring and maintaining AWS WAF in the way that is most correct and appropriate for the customer's context. These activities cover the implementation and management of:

  • Out-of-the-box traffic blocking rules
  • Custom and dynamic traffic blocking rules, which are updated via AWS Lambda on a scheduled basis or in response to certain events
  • Integration with Edge and Back-End services
  • Integrated monitoring through AWS CloudWatch
  • Implementation of a customized dashboard for monitoring logs and WAF traffic, through an integrated solution AWS ElasticSearch + Kibana

ElasticSearch Kibana dashboard for WAF monitoring

Over the years, we have had the opportunity to support our customers with our AWS WAF solutions, applying them to the most diverse contexts, including e-commerce, web sites, and web applications of various kinds.

Operational Management and Logging

Some organizations, in addition to the design, deployment and integration of AWS WAF, also entrust us with its governance and operational management. This implies centralized management by a specialist team that operates 24/7. The Operational Management team monitors the correct functioning of the WAF, tunes the filtering rules and every other aspect that guarantees its correct operation. The team is also able to recognize an attack and intervene promptly, thanks to the AWS CloudWatch monitoring system and the AWS ElasticSearch Kibana analysis and monitoring dashboard.

The ElasticSearch Kibana dashboard aggregates the information provided by the AWS WAF logs and provides near real-time information about:

  • “Benign” traffic
  • “Malicious” traffic, i.e. requests that were blocked
  • Active rules and the percentage of blocked traffic attributable to each
  • Geolocation of “attacks” (blocked malicious traffic)
  • IP addresses / address ranges
  • Resources (URLs) targeted by the attack
  • Request headers

The solution also includes several automations, implemented with AWS Lambda, aimed at tuning and improving the WAF rules, as shown in the architecture diagram:

WAF Logging & Management Solution Architecture
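To make the two pieces above concrete, namely the dashboard aggregates computed from AWS WAF logs and a Lambda-style automation that turns repeat offenders into a dynamic block list, here is an added example. It is not CriticalCase's or AWS's code. The log records are constructed by hand in the wafv2 JSON format that Kinesis Data Firehose delivers; the threshold, the IP set name and ID, the `never_block` allow-list and the function names are assumptions for illustration. The offline parts run without AWS credentials; only `apply_block_list` talks to the WAFv2 API.

```python
"""Aggregate AWS WAF (wafv2) log records and derive a dynamic block list.

Added example for this page; not the code of CriticalCase or AWS.
"""
import ipaddress
import json
from collections import Counter
from typing import Iterable

# Constructed sample records: a minimal subset of the wafv2 log schema
# (action, terminatingRuleId, httpRequest.clientIp/country/uri/headers).
SAMPLE_WAF_LOGS = "\n".join(json.dumps(r) for r in [
    {"action": "ALLOW", "terminatingRuleId": "Default_Action", "terminatingRuleType": "DEFAULT",
     "httpRequest": {"clientIp": "203.0.113.10", "country": "IT", "uri": "/", "httpMethod": "GET",
                     "headers": [{"name": "User-Agent", "value": "Mozilla/5.0"}]}},
    {"action": "BLOCK", "terminatingRuleId": "AWS-AWSManagedRulesSQLiRuleSet",
     "terminatingRuleType": "MANAGED_RULE_GROUP",
     "httpRequest": {"clientIp": "198.51.100.7", "country": "RU", "uri": "/admin", "httpMethod": "GET",
                     "args": "id=1'%20OR%201=1", "headers": [{"name": "User-Agent", "value": "sqlmap/1.7"}]}},
    {"action": "BLOCK", "terminatingRuleId": "AWS-AWSManagedRulesSQLiRuleSet",
     "terminatingRuleType": "MANAGED_RULE_GROUP",
     "httpRequest": {"clientIp": "198.51.100.7", "country": "RU", "uri": "/search", "httpMethod": "POST",
                     "headers": [{"name": "User-Agent", "value": "sqlmap/1.7"}]}},
    {"action": "BLOCK", "terminatingRuleId": "AWS-AWSManagedRulesCommonRuleSet",
     "terminatingRuleType": "MANAGED_RULE_GROUP",
     "httpRequest": {"clientIp": "198.51.100.7", "country": "RU", "uri": "/wp-login.php", "httpMethod": "POST",
                     "headers": [{"name": "User-Agent", "value": "sqlmap/1.7"}]}},
    {"action": "BLOCK", "terminatingRuleId": "rate-limit-login", "terminatingRuleType": "RATE_BASED",
     "httpRequest": {"clientIp": "192.0.2.55", "country": "US", "uri": "/login", "httpMethod": "POST",
                     "headers": [{"name": "User-Agent", "value": "python-requests/2.31"}]}},
    {"action": "ALLOW", "terminatingRuleId": "Default_Action", "terminatingRuleType": "DEFAULT",
     "httpRequest": {"clientIp": "203.0.113.10", "country": "IT", "uri": "/products", "httpMethod": "GET",
                     "headers": [{"name": "User-Agent", "value": "Mozilla/5.0"}]}},
])


def summarize(log_lines: Iterable[str]) -> dict:
    """Compute the dashboard-style aggregates: allowed vs blocked, blocks per rule,
    blocked IPs, targeted URIs and source countries. One JSON record per line."""
    total = blocked = 0
    by_rule, by_ip, by_uri, by_country = Counter(), Counter(), Counter(), Counter()
    for line in log_lines:
        line = line.strip()
        if not line:
            continue
        rec = json.loads(line)
        req = rec.get("httpRequest", {})
        total += 1
        if rec.get("action") != "BLOCK":      # ALLOW, COUNT-only, CAPTCHA etc. are "benign" here
            continue
        blocked += 1
        by_rule[rec.get("terminatingRuleId", "?")] += 1
        by_ip[req.get("clientIp", "?")] += 1
        by_uri[req.get("uri", "?")] += 1
        by_country[req.get("country", "?")] += 1
    return {
        "total": total, "allowed": total - blocked, "blocked": blocked,
        "blocked_pct": round(100.0 * blocked / total, 1) if total else 0.0,
        # per active rule: how many blocks it produced and its share of all blocked traffic
        "rules": {r: {"blocked": n, "pct_of_blocked": round(100.0 * n / blocked, 1)}
                  for r, n in by_rule.items()},
        "blocked_ips": dict(by_ip), "top_ips": by_ip.most_common(5),
        "top_uris": by_uri.most_common(5), "countries": dict(by_country),
    }


def block_candidates(summary: dict, threshold: int = 3, never_block=frozenset()) -> list:
    """IPs blocked at least `threshold` times in the window, as CIDRs for a WAF IP set.
    `never_block` (assumed: your own monitoring/office IPs) is excluded so a misfire
    can never lock you out of your own application."""
    out = []
    for ip, n in sorted(summary["blocked_ips"].items(), key=lambda kv: (-kv[1], kv[0])):
        if n < threshold or ip in never_block:
            continue
        addr = ipaddress.ip_address(ip)              # handles IPv4 and IPv6
        out.append(f"{addr}/{addr.max_prefixlen}")   # /32 or /128 host entries
    return out


def apply_block_list(cidrs, ip_set_name, ip_set_id, scope="REGIONAL", region="eu-west-1"):
    """Merge `cidrs` into an existing WAFv2 IP set (assumed name/ID). Needs AWS credentials.
    update_ip_set REPLACES the whole address list, so the current set is read first and
    the LockToken it returns is passed back to avoid clobbering a concurrent update.
    Use scope="CLOUDFRONT" with region="us-east-1" for CloudFront web ACLs."""
    import boto3  # imported lazily so the offline functions above work without it
    waf = boto3.client("wafv2", region_name=region)
    current = waf.get_ip_set(Name=ip_set_name, Scope=scope, Id=ip_set_id)
    merged = sorted(set(current["IPSet"]["Addresses"]) | set(cidrs))
    waf.update_ip_set(Name=ip_set_name, Scope=scope, Id=ip_set_id,
                      Addresses=merged, LockToken=current["LockToken"])
    return merged


if __name__ == "__main__":
    s = summarize(SAMPLE_WAF_LOGS.splitlines())
    print(json.dumps({k: v for k, v in s.items() if k != "blocked_ips"}, indent=2))
    print("block candidates:", block_candidates(s, threshold=3, never_block={"203.0.113.10"}))
```

In a real deployment the Lambda would read the Firehose batch from S3 (or be invoked on a schedule), call `summarize` over the window, and feed `block_candidates` into `apply_block_list` for an IP set referenced by a custom block rule in the web ACL; the threshold and the expiry of entries are the knobs the operations team tunes.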

Centralized Management with AWS Firewall Manager

You can centrally configure and manage AWS WAF deployments across multiple AWS accounts using AWS Firewall Manager. When new resources are created, you can ensure that they comply with a common set of security rules. Firewall Manager performs automatic audits and notifies the security team when a policy violation occurs, allowing them to respond promptly. For more information on Firewall Manager, visit the product website.

Costs

AWS WAF is priced independently and charged based on the number of web ACLs, the number of rules, and the number of requests inspected (traffic), as described at https://aws.amazon.com/en/waf/pricing/

In the solution that includes the ElasticSearch Kibana dashboard, you are also charged for the use of AWS Kinesis Data Firehose, ElasticSearch, Kibana, and the other services shown in the architecture. If you choose to use WAF Managed Rules from AWS Marketplace, you can subscribe to managed rules and pay only for what you use: there are no long-term contracts or commitments, as managed rules are billed by the hour. For workloads with high request volumes, consider evaluating AWS Shield Advanced to reduce the cost per request. When AWS WAF is used with resources protected by AWS Shield Advanced, there is no additional charge for AWS WAF and AWS Firewall Manager; you pay only the costs associated with AWS Shield Advanced. This approach can help optimize costs for heavy workloads.
