AWS Web Application Firewall
AWS Firewall Manager
The course is part of these learning paths
Explore the 3 AWS services, designed to help protect your web applications from external malicious activity, with this course. Once getting started, this course will delve into depth on all three services, comprised of AWS Web Application Firewall Service (WAF), AWS Firewall Manager and AWS Shield. By learning how all three services can be used together for enhanced protection of web applications you enterprise will wholly benefit from all the advantages that these services have to offer.
Study the core principles, understand the importance and discuss how protecting web apps with AWS can elevate your business to the next level with this cohesive course made up of 14 lectures, including demos.
- Gain a core foundation of what AWS WAF is and what it does
- Knowledge of how to configure and implement a WAF solution
- Analyze how AWS WAF works closely with AWS CloudFront
- An understanding of how AWS Firewall Manager can be used to help you control AWS WAF across multiple accounts
- How AWS Shield is protecting Distributed Denial of Service attacks
- An awareness of different types of DDoS attacks
- An awareness of the step involved in configuring AWS Shield Advanced
- Security architects
- Technical engineers
- Website administrators
- Anyone requiring a deeper understanding of WAF, Shield, and Firewall Manager
Cloud Academy would recommend having a basic understanding of the following, before starting this course:
- Amazon CloudFront Distributions
- AWS Application Load Balancer
- AWS Organizations
- The 7 layers of the OSI model
Related Training Content
If you are interested in further training content related to this topic, discover the following Learning Paths:
It should be noted that this course will be replacing the existing course on this topic found currently here.
Hello and welcome to this lecture where I shall introduce the components of the AWS Firewall Manager service. There are primarily three different components to Firewall Manager that allow you to control and manage walls across multiple AWS accounts within your AWS organization. These being, WAF rules, rule groups and Firewall Manager policies. I covered what AWS WAF rules are in a previous lecture so I won't go over the same information again. So next we have rule groups. These simply allow you to group together one or more WAF rules that will all have the same action applied when the conditions are met within a rule. You have two options for your rule groups, you can create your own and add your own WAF rules or you can purchase existing rule groups pre-configured with set AWF WAF rules by the AWF Marketplace. By using the Marketplace rule groups it provides a number of benefits. For example they are all pre-configured and ready to deploy and are supplied by AWS and other AWS approved partner companies. Many of them allow protections against known vulnerabilities, specifically those highlighted within the open web application security project, the OWASP top 10 list, and they could help you to gain compliance to specific regulations such as PCI or HIPAA. Unlike web rules, rule groups can only contain one of two actions.
These being either block or count. And they have the same meaning as defined within the WAF section. There is no allow action for rule groups. Also you can only have 10 rules per rule group which can't be increased. For other limitations of Firewall Manager please see the following link. Once you have created your rule groups containing your rules, you then have to create an AWS Firewall Manager Policy. This policy simply contains the rule groups that you want to assign to your AWS resources. It's important to point out that you can only have two rule groups per policy, one customer created rule group, and one AWS Marketplace rule group. This limit cannot be changed. So to recap, AWS WAF rules are created or selected first, which as we know contain conditions. WAF rules can then be added to a rule group which will have either a block or a count action associated. Finally, a rule group is then added to an AWS Firewall Manager Policy which is then associated to AWS resources, such as your cloud front distributions or application load balances. Do be aware that the cost of each policy is $100 per policy, per region, per month. That has brought me to the end of this short lecture. Coming up next I will provide a demonstration on how to use and create some of these components to add to our policy.
About the Author
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data centre and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 50+ courses relating to Cloud, most within the AWS category with a heavy focus on security and compliance
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.