AWS Web Application Firewall and Inspector

by | Sep 8, 2016

AWS WAF and Inspector FAQKeeping your apps and cloud servers secured should be less challenging now. AWS offers two new services.Amazon Inspector and Web Application Firewall.

What is Amazon Inspector?.
Amazon inspector is used to check your server and application environment for security vulnerabilities based on predefined rules and known vulnerabilities. It will assess your cloud servers (EC2 instances) covering Operating System , Storage , network and also your application.

You will have to install an agent on your server for the AWS inspector to assess and report findings including vulnerabilities.

What is AWS Web Application Firewall works ?.
AWS WAF is like any other web application firewall (WAF) protecting your application from attacks like SQL injection, cross scripting ,web exploits,etc.

Instead of relying on costly third party tools , you can use the firewall to secure your application.

How to set up WAF?.
AWS Web Application Firewall provides an easy to use interface from within AWS console to setup the WAF.It can be deployed with a few clicks. Ofcourse some understanding of the protocols, ports and rules will help to set it up correctly.

First , you define conditions at IP level or at http header level(e.g IP x.x.x.x or http header containing specific host). Next you defined the rules to block or allow the traffic based on those conditions.

Requests to you application will be allowed or blocked as per the rules defined. You can have multiple rules with different conditions.

If you are using AWS to host your application then it must be worth setting it up and securing your application.

The catch
WAF can be deployed only if you are using AWS Cloudfront(content caching) service to deliver your application.The charges are based on the number of ACL’s(access control list) and rules defined. Charges start from as low as $10 per month.

We think WAF is a very useful addition to the AWS services. Many small businesses were concerned about securing their application, but were not able to afford costly third party tools or services. For them this should be a simple , reliable and a cost effective option.

Have more questions ? Reach us. Contact(at)clozon.com or using the form on this page.

Connect with Saif @ https://in.linkedin.com/in/syedsaif

How to reduce your AWS Cloud charges?

How to reduce your AWS Cloud charges?

One of the frequent  queries we get from customers  is on the increased AWS bill. Queries like ,   1.What exactly has led to the increase in costs? 2.How to reduce AWS cloud bill by upto 50% ?   The reasons for the increase in bill are varied. But often the bill...

How to migrate your website to AWS from other hosting provider?

How to migrate your website to AWS from other hosting provider?

Ok. You have decided to migrate your critical website or application to AWS or Azure. 1. How to ensure migration is smooth with no surprises or issues? 2. How to plan the migration ? Here's a look at the critical points to be considered when planning a website...

How to shift from AWS USD billing to Rupee (INR) billing ?

How to shift from AWS USD billing to Rupee (INR) billing ?

Sometime back Amazon Web Services introduced INR currency billing option for users based in India. You are billed for cloud services in INR based on the exchange rate as on the bill date. This is a very useful option for businesses signing up for new AWS accounts....