Amazon launches AWS web application firewall
A new option has been offered to Amazon Web Services customers who want to increase the security of their servers: AWS WAF.
This web application firewall aims to stop random probing attackers in their tracks, by denying requests for information, authentication (for example, when the attacker tries a few common usernames and passwords) and the various exploits for known vulnerabilities (perhaps powered by SQL injection or cross-site request forgery).
The firewall can be fine-tuned as similar offerings by other vendors: create conditions that form rules, chose the action(s) to be performed when those conditions are met, gather several rules and actions into a web Access Control List (Web ACL), and then associate it with a CloudFront distribution (for now).
“Each incoming request for a distribution is evaluated against successive rules until a request matches all of the conditions in the rule, then the action associated with the rule is taken. If no rule matches, then the default action (block or allow the request) is taken,” chief AWS evangelist Jeff Barr noted in a blog post, and explained the process of creating each of the above mentioned things.
“Even if you keep your servers well-patched and do what you can to keep the attack surface as small as possible, there’s always room to add an additional layer of protection,” he concluded, adding that it is the fate of all servers to be bombarded with illegitimate requests 24 hours a day, 7 days a week.
The company hes set the following prices for using the firewall: $5 per web ACL, $1 per rule, and $0.60 per million HTTP requests.
While WAFs are definitely helpful, users should known that they are not bulletproof (nothing is, when it comes to security) and that other available protections should not be ignored.