New Training: Filter Traffic with AWS Web Application Firewall
In this 5-video skill, CBT Nuggets trainer Bart Castle teaches you how to design for and implement intelligent traffic filtering using the AWS Web Application firewall. Learn how Application (Layer 7) firewalls differ from traditional network traffic filters and how to design appropriate filtering rules. Gain an understanding of the rules that can be combined into policies for robust logic. Watch this new AWS training.
Learn AWS with one of these courses:
This training includes:
32 minutes of training
You’ll learn these topics in this skill:
AWS WAF: Understanding the Benefits
AWS WAF: Basics and Access Control Lists
AWS WAF: Rule Conditions
Firewall Manager Service: Initial Setup
Firewall Manager Service: Security Policies
The AWS Web Application Firewall: The Crucial Basics
Amazon didn’t invent web application firewalls, but they have come close to perfecting their WAF for Amazon Web Services. In simple terms, a web application firewall can be an appliance, a server plugin or a programmatic filter. A WAF’s job is to protect a server running applications and ensure that hostile actors can’t make use of an application’s vulnerabilities to sneak their way into the server and move sideways and upwards to more sensitive and valuable data.
A WAF protects its applications and servers by monitoring the conversations that an application has with distant users and servers to make sure that there’s nothing in each conversation that could harm the server hosting your application. Technically, it’s monitoring HTTP applications for common attacks like cross-site scripting (XSS) or SQL injection.
The AWS WAF constantly provides protection to any web applications you have running on an AWS instance. With training, it’s possible to configure the settings of a WAF and set your own rules and filters, but much of AWS WAF’s functionality works out of the box with robust default settings. Amazon also publishes an API that you can use to create and deploy your own security rules or develop applications that integrate seamlessly with the WAF.