NEW LAUNCH! Introduction to Managed Rules for AWS WAF - SID217 - re:Invent 2017
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
MANAGED RULES
on AWS WAF
Andrew Thomas (GM, Perimeter Protection)
Sundar Jayashekar (Sr. Product Manager, AWS WAF)
SID217
November 29, 2017
What to expect from this session
1. AWS WAF intro
2. What are we launching today?
3. Key benefits
4. Product details
5. Demo: How to get started?
What is a WAF?
Web Application Firewall
Monitors HTTP/S requests and protects web applications from malicious activities
Layer 7 inspection and mitigation tool
What is AWS WAF?
Web traffic filtering with custom rules
• Rate based rules
• IP Match & Geo-IP filters
• Regex & String Match
• Size constraints
• Action: Allow/Block
Malicious request blocking
• SQLi
• XSS
Active monitoring & tuning
• CloudWatch Metrics/Alarms
• Sampled Logs
• Count Action mode
Where AWS WAF can help
Application layer
• DDoS: HTTP floods
• Bad bots: Content scrapers, Scanners & probes, Crawlers
• Application attacks: SQL injection, Application exploits, Social engineering
AWS WAF
Why we launched AWS WAF
“We don’t want to manage servers”
“We don’t want to pay thousands of $$”
“We want full API support for DevOps”
Easy to deploy
AWS WAF available on
• Amazon CloudFront
• Application Load Balancer
What do customers like about AWS WAF?
• Fast incident response
• Powerful, flexible rule language
• Affordable
• Security automation
• Preconfigured templates
• Easy to deploy
But we are not done. Challenges exist.
“I don’t want expensive Pro-Serv engagements to write and tune my rules”
“I want to focus on writing web applications and not security rules”
“I don’t have the resources to write rules that keep up with the bad guys”
Earlier today we announced…
Managed Rules on AWS WAF
with five featured sellers!
We are excited to present to you …
Five trusted names in security
Featured sellers
What are Seller Managed Rules?
• Rule sets written and managed by trusted security sellers on the AWS Marketplace
• Deployed on AWS WAF
Benefits
Deep Dive - Managed Rules on AWS WAF
Rules managed by security experts (1/5)
Rules from trusted names
No need for your own Threat Research teams
Reduces the need to write your own Rules
Focus on building solutions for your customers
Choice of protections (2/5)
Five sellers, eleven products
Auto-updates (3/5)
Ensure protection against new and emerging threats
Security research teams monitor, tune, and update Rules on a regular basis
Rule updates happen within minutes
No extra cost for updates
Pay as you go (4/5)
Affordable and pay as you go
No contracts needed
No need for ProServ engagements
Unsubscribe anytime
Easy to deploy (5/5)
Easy subscription process
Deployed on AWS WAF service
Low maintenance
Summarizing – Key benefits
1. Rules managed by security experts
2. Choice of protections
3. Auto-updates
4. Pay as you go
5. Easy to deploy
Easy to get started
Deploy in three easy steps
1. Find rules on AWS WAF console or AWS Marketplace
2. Click and subscribe
3. Associate rules in AWS WAF
Demo
Let’s see how this is done
Pricing
Pay as you go
How are Managed Rules priced?
Two pricing dimensions:
Rule Group monthly fee ($/month)
Request fee per Million Requests ($/Million Request)
Sellers set their own prices in AWS Marketplace
Seller prices are in addition to normal AWS WAF charges
Eleven new products!
Available later today
Fortinet: Product details
1. SQLI+XSS
• Basic protection rules
• SQL Injection
• Cross Site Scripting
• Additive to AWS XSS and SQLi protections
2. BAD BOTS
• Malicious Bots
• Content Scrapers
• Vulnerability Scanners
• Specialized protections
• Protects from known unwanted automated clients
3. GEN+KNOWN
• Advanced ruleset
• General Attacks
• Known Exploits
• FortiGuard proprietary protections
• Injection attacks
• URL redirects
• HTTP response splitting
4. OWASP Rules
• SQLi/XSS +
• General Attacks +
• Known Exploits
• Discount over purchasing separately
• FortiGuard proprietary protections
Imperva: Product details
1. Managed Rules for IP Reputation
• Reputation-based security
• Comment spam elimination
• Ensure search engine access
2. Managed Rules for WordPress Protection
• Protect your web applications built using WordPress
• Detect and block requests targeting WordPress vulnerabilities
• Decades of security experience and best practices – leveraging Imperva’s market-leading WAF technology
• Ensure protection against new and emerging threats – security research team monitors, tunes, and updates rulesets on a regular basis
Trend Micro: Product details
1. Rules for Nginx and Apache servers
Protects web servers, including the Apache Suite (Apache Httpd, Apache Struts, Apache Tomcat) and Nginx, from known vulnerabilities and helps meet PCI DSS requirements.
2. Content Management Servers (CMS) Rules
Protects common CMS and EMS, including WordPress, Joomla, and Drupal, from known vulnerabilities and helps meet PCI DSS requirements.
Trend Micro delivers proactive global threat intelligence against zero-hour threats to ensure that you are always protected.
Trustwave: Product details
1. ModSecurity Virtual Patching
Select Trustwave SpiderLabs ModSecurity virtual patches. As the threat landscape evolves, Trustwave SpiderLabs will continue to provide new patches.
2. CMS Virtual Patches
Protection for common CMS and EMS, including WordPress, Joomla, and Drupal, against known vulnerabilities; helps meet PCI DSS requirements.
Alert Logic: Product details
1. Virtual Patches for WordPress
• Security expert-crafted protection
• Protect while you patch.
• No tuning required.
• Covers the last six months of known WordPress exploits
Revisiting AWS WAF benefits
• Fast incident response
• Powerful rule language
• Easy to deploy
• Affordable
• Security automation
• Preconfigured templates
AWS WAF benefits
• Fast incident response
• Powerful rule language
• Easy to deploy
• Affordable
• Security automation
• Managed rules
Managed rules from security leaders
To learn more, visit …
https://aws.amazon.com/mp/security/WAFManagedRules/
THANK YOU!
Questions?