AWS WAF - Web Application Firewall

AWS WAF is a web application firewall that lets you screen the HTTP(S) requests that are sent to an Amazon CloudFront distribution, and Amazon API Gateway REST API, or an Application Load Balancer.

AWS WAF additionally lets you control access to your substance. In view of conditions that you determine, for example, the IP tends to that solicitations begin from or the estimations of query strings, an Amazon CloudFront dissemination, an Amazon API Gateway REST API, or an Application Load Balancer reacts to demands either with the mentioned content or with an HTTP 403 status code (Forbidden). You can likewise arrange CloudFront to restore a custom blunder page when a solicitation is blocked.

Benefits

Agile protection against web attacks

AWS WAF rule proliferation and updates take under a moment, empowering you to rapidly refresh security over your condition when issues emerge. WAF bolsters many principles that can assess any piece of the web demand with a negligible dormancy effect on approaching traffic. AWS WAF shields web applications from assaults by separating traffic dependent on decisions that you make. For instance, you can channel any piece of the web demand, for example, IP addresses, HTTP headers, HTTP body, or URI strings. This permits you to square normal assault designs, for example, SQL infusion or cross-site scripting.

Save time with managed rules

With Managed Rules for AWS WAF, you can rapidly begin and ensure your web application or APIs against regular dangers. You can choose from many standard sorts, for example, ones that address issues like the Open Web Application Security Project (OWASP) Top 10 security dangers, dangers explicit to Content Management Systems (CMS), or rising Common Vulnerabilities and Exposures (CVE). Overseen rules are naturally refreshed as new issues develop, with the goal that you can invest more energy building applications.

Improved web traffic visibility

AWS WAF gives close to continuous permeability into your web traffic, which you can use to make new principles or cautions in Amazon CloudWatch. You have granular authority over how the measurements are radiated, permitting you to screen from the standard level to the whole inbound traffic. Furthermore, AWS WAF offers extensive logging by catching each reviewed web solicitation's full header data for use in security mechanization, investigation, or inspecting purposes.

Ease of deployment & maintenance

AWS WAF is anything but difficult to convey and secure applications sent on either Amazon CloudFront as a component of your CDN arrangement, the Application Load Balancer that fronts all your starting point servers, or Amazon API Gateway for your APIs. There is no extra programming to convey, DNS arrangement, SSL/TLS declaration to oversee, or requirement for a converse intermediary arrangement. With AWS Firewall Manager coordination, you can midway characterize and deal with your standards, and reuse them over all the web applications that you have to ensure.

Cost-effective web application protection

With AWS WAF you pay only for what you use. AWS WAF provides a customizable, self-service offering, and pricing is based on how many rules you deploy and how many web requests your web application receives. There are no minimum fees and no upfront commitments.

Security integrated with how you develop applications

Each element in AWS WAF can be arranged utilizing either the AWS WAF API or the AWS Management Console. This permits your DevOps group to characterize application-explicit standards that expand web security as they create applications. This lets you put web security at numerous focuses in the advancement procedure chain, from the hands of the designer at first composing code to the DevOps engineer sending programming, to the security directors authorizing a lot of rules over the association.

Features

Web traffic filtering

AWS WAF lets you make rules to channel web traffic dependent on conditions that incorporate IP addresses, HTTP headers, and body, or custom URIs. This gives you an extra layer of security from web assaults that endeavor to misuse vulnerabilities in custom or outsider web applications. Moreover, AWS WAF makes it simple to make decides that square regular web misuses like SQL infusion and cross-website scripting.

AWS WAF permits you to make an incorporated arrangement of decides that you can convey over different sites. This implies in a situation with numerous sites and web applications you can make a solitary arrangement of decides that you can reuse across applications instead of reproducing that standard on each application you need to secure.

Full feature API

AWS WAF can be totally managed through APIs. This furnishes associations with the capacity to make and keep up rules naturally and fuse them into the turn of events and configuration process. For instance, a designer who has point by point information on the web application could make a security rule as a feature of the organization procedure. This ability to fuse security into your improvement procedure maintains a strategic distance from the requirement for complex handoffs among application and security groups to ensure rules are stayed up with the latest.

AWS WAF can likewise be sent and provisioned naturally with AWS CloudFormation test formats that permit you to portray all security rules you might want to convey for your web applications conveyed by Amazon CloudFront.

Real-time visibility

AWS WAF provides real-time metrics and captures raw requests that include details about IP addresses, geo-locations, URIs, User-Agent, and Referers. AWS WAF is fully integrated with Amazon CloudWatch, making it easy to set up custom alarms when thresholds are exceeded or particular attacks occur. This information provides valuable intelligence that can be used to create new rules to better protect applications.

Integration with AWS Firewall Manager

You can centrally configure and manage AWS WAF deployments across multiple AWS accounts by using AWS Firewall Manager. As new resources are created, you can ensure that they comply with a common set of security rules. Firewall Manager automatically audits and informs your security team when there is a policy violation, so they can respond immediately and take action.

How it works