How Ibexlabs implements WAF to keep our clients’ data safe

May 16, 2023
/
Santosh Peddada
/
No items found.

Cloud has enabled us to grow at an incredible pace, one can develop and deploy an application faster than ever before. With this newfound pace, the number of applications and websites available on the internet is increasing day-by-day and so are the Web attacks on these applications.

Common Web Attacks and How it affects the applications:

People with malicious intentions scan the internet to find applications with vulnerabilities and attack them, some of the common types of attacks are SQL injection, Cross-site-scripting(XSS), DDoS attacks. Without proper protection, these attacks can cause downtime of your business-critical applications and even data breach.

DDoS attacks can overload target web applications or servers reducing the bandwidth and preventing a legitimate user from accessing the application, SQL injections can let the attacker inject malicious code into user fields and gain access to the application database. These types of attacks can lead to serious downtime and loss of data.

With the increased attacks, the security of applications has become critical, no one wants their business application to experience downtime or lose their data. To protect the applications against web attacks the developers need to configure and control the traffic to their applications and increase the defense to have a strong firewall to withstand the web attacks and there should not be any misconfiguration as it may lead to serious implications. There is a need for a solution to prevent the vulnerabilities and easily protect against web attacks. AWS WAF (Web Application Firewall) is built to address these issues.

AWS WAF and How it prevents web attacks:

AWS WAF is a highly configurable and scalable cloud-native web application firewall (WAF) giving you the first line of defense to incoming threats, it helps protect your web applications or APIs against common web exploits and bots that may affect availability, compromise security, or consume excessive resources. AWS WAF gives you control over how traffic reaches your applications by enabling you to create security rules that control bot traffic and block common attack patterns, such as SQL injection or cross-site scripting.

You can also customize rules that filter out specific traffic patterns. You can get started quickly using Managed Rules for AWS WAF, a pre-configured set of rules managed by AWS to address issues like the OWASP Top 10 security risks and automated bots that consume excess resources, skew metrics, or can cause downtime. These rules are regularly updated as new issues emerge. AWS WAF includes a full-featured API that you can use to automate the creation, deployment, and maintenance of security rules.

Features and Benefits:

Agile protection against web attacks: AWS WAF rule propagation and updates take just under a minute, enabling you to react faster when you are under an attack or when security issues arise. WAF supports hundreds of rules that can inspect any part of the web request with minimal latency impact to incoming traffic.

Save time with managed rules: With managed Rules for AWS WAF, you can quickly get started and protect your web application or APIs against common threats. managed Rules are updated automatically and are available from AWS or AWS Marketplace sellers.

Improved web traffic visibility: AWS WAF gives near real-time visibility into your web traffic, which you can use to create new rules or alerts in Amazon CloudWatch. In addition, AWS WAF offers comprehensive logging, allowing you to capture each inspected web request’s full header data for use in security automation, analytics, or auditing.

Ease of deployment and maintenance: AWS WAF is easy to deploy and protects application(s) deployed on either Amazon CloudFront, the Application Load Balancer, or Amazon API Gateway. There is no additional software to deploy, DNS configuration, or SSL/TLS certificate to manage.

How WAF works:

AWS WAF uses a web access control list (ACL) to protect a set of AWS resources. You create a web ACL and define its protection strategy by adding rules. Rules define criteria for inspecting web requests and specify how to handle requests that match the criteria. You set default action for the web ACL that indicates whether to block or allow through those requests that pass the rules inspections.

After you create your web ACL and define rules you can associate it with one or more AWS resources. The resource types that you can protect using AWS WAF web ACLs are Amazon CloudFront distribution, Amazon API Gateway REST API, Application Load Balancer, and AWS AppSync GraphQL API.

It protects your PHP applications, Linux, and Windows platforms with the provided Core-Linux, Core-Windows, and Core-PHP custom rules to protect your applications based on the requirement. You can also protect your Global CloudFront resources with the CloudFront-Core-Linux, CloudFront-Core-Windows, and CloudFront-Core-PHP

How Ibexlabs enhances WAF:

Ibexlabs WAF solution is created with industry-standard best practices to enhance the existing WAF features and add benefits to make it even stronger to defend against web attacks. It comes with custom rules in addition to the managed rules that mitigate all the common attacks and reduces application vulnerability.

Ibexlabs mandates that all production applications should have protection from web attacks by leveraging WAF for application endpoints. We implement infrastructure as a service mechanism to provision and automatically integrate WAF with Elastic LoadBalancer, API Gateway, Cloudfront Endpoints with Amazon CloudWatch metrics to monitor and troubleshoot your AWS WAF resources, all the custom rules, and managed rules.Interested in learning more about how Ibexlabs can help your business improve your security posture and ensure ongoing compliance? Contact us today!

Santosh Peddada

Santosh Peddada is a Solution Architect with Ibexlabs. He has been in the IT industry for around 7 years, holding positions from Devops Engineer to Solution Architect. For the past two years, he has been an integral part of the design and development of AWS architecture for clients. He has served as the product owner for the Ibex Catalog, and provided solutions for a number of different industries.

Talk to an Ibexlabs Cloud Advisor