While it can be tempting to view a firewall as a way to block unused TCP or UDP ports, there is another type of firewall that can be used for protecting resources at other layers in the network stack.
A Web application firewall (WAF) is one such protection mechanism. It is designed to monitor traffic to a Web front-end, and filter out malicious traffic.
It is not surprising that Amazon Web Services (AWS), a popular platform for hosting Web apps, offers WAF capabilities to its customers.
Log in to the AWS portal, then select WAF & Shield among the available services. The Security, Identity & Compliance section contains the WAF and Shield options.
After making your selection, you’ll be taken to the AWS Shield and AWS WAF screens, as shown in Figure 1. To get started, click the Go to AWS WAF button.
Figure 1: Click the button to go to AWS WAF.
The screen will look similar to the one in Figure 2. This screen explains AWS WAF, a service that protects the Web sites and Web apps you host on AWS. It also explains that you will need a Web access control list (ACL), which sets the rules for which Web requests you want to block and which ones you want to allow.
Click on the Configure Web-based ACL button to get started.
Figure 2: Click on the Configure Web-based ACL button.
You will now be taken to a screen that shows the concept overview. This screen, shown in Figure 3, is a bit intimidating at first glance, but you don’t have to do anything except click Next. It is only meant to help you understand the structure of the WAF.
ACLs are used by the WAF to decide whether or not to block requests. These ACLs consist of a number of rules, each of which is composed of conditions. For example, a condition could be set up to detect suspicious IP addresses.
Figure 3: This screen shows the key concepts you will need to know.
Clicking Next takes you to the Name Web ACL screen, which asks you to give the ACL a name. The WAF also uses an Amazon CloudWatch metric name; this field is filled in automatically.
You will also need to specify the AWS region you wish to use and any AWS resources you wish to associate with the ACL you are creating. Figure 4 shows you how this screen looks.
Figure 4: The Name Web ACL screen.
Click Next to be taken to the Create Condition screen. Although a condition can be created quickly, it is worth taking the time to explore all of the options.
Clicking the Create Condition button associated with a particular condition type is how you create a condition. If you want to create an IP address match condition for example, you will need to locate the IP Match Condition section, and then click on the Create Condition button as shown in Figure 5.
Figure 5: Select a condition type, then click the Create Condition button.
When you create a condition, you’ll be asked to enter information relevant to that condition type. For an IP match condition, for example, you will need the IP address you want the condition to match.
Click Next to be taken to the Create Rules screen. Creating a rule is easy: you first define a condition and then specify it in the rule.
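The ACL, rule and condition structure described above, expressed as infrastructure code rather than console clicks. This is an added CloudFormation example, not code from the article or from AWS documentation: it declares an IP match condition, wraps it in a rule, and attaches the rule to a Web ACL with a BLOCK action. It assumes the classic AWS::WAF resource types (global scope, for CloudFront); the resource names are my own and 192.0.2.0/24 is a reserved documentation range used as a constructed sample.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Added example web ACL (classic AWS WAF, global/CloudFront scope)

Resources:
  # Condition: an IP match condition holding the source addresses to watch for.
  # 192.0.2.0/24 is a reserved documentation range, used here as a constructed sample.
  SuspiciousIPSet:
    Type: AWS::WAF::IPSet
    Properties:
      Name: SuspiciousSources
      IPSetDescriptors:
        - Type: IPV4
          Value: 192.0.2.0/24

  # Rule: composed of one or more conditions (predicates).
  # Negated: false means the rule matches when the request source IS in the set.
  BlockSuspiciousIPsRule:
    Type: AWS::WAF::Rule
    Properties:
      Name: BlockSuspiciousIPs
      MetricName: BlockSuspiciousIPs   # CloudWatch metric name; alphanumeric only
      Predicates:
        - Type: IPMatch
          DataId: !Ref SuspiciousIPSet
          Negated: false

  # Web ACL: orders the rules, assigns each an action, and sets the default
  # action for requests that match no rule.
  ExampleWebACL:
    Type: AWS::WAF::WebACL
    Properties:
      Name: ExampleWebACL
      MetricName: ExampleWebACL
      DefaultAction:
        Type: ALLOW          # requests matched by no rule are allowed through
      Rules:
        - Priority: 1        # lower numbers are evaluated first
          RuleId: !Ref BlockSuspiciousIPsRule
          Action:
            Type: BLOCK      # use COUNT instead to observe matches before enforcing

Outputs:
  WebACLId:
    Value: !Ref ExampleWebACL
```

The exported WebACLId is what you set as the WebACLId of a CloudFront distribution to associate the ACL with that resource; switching the rule action to COUNT lets you watch the CloudWatch metric for false positives before blocking.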
