From the course: Complete Guide to AWS Security and Compliance Management
Exploring Web Application Firewall - Amazon Web Services (AWS) Tutorial
Exploring Web Application Firewall
- [Instructor] Now that we have an understanding of WAF, let's explore what it's like to configure and use it. Consider the following scenario. I have a load-balanced application running in Ohio. I've been having a good experience with my internet traffic overall. However, I've noticed curious activity from an IP address arousing my suspicions. I want to block all access from that address. Therefore, I'm going to enable WAF and create a single customized filtering rule. The first thing I need to do is configure an IP set. The IP set will contain this bad address. Then I'll have my WAF rule reference that IP set, which will block all associated access from that address. Meanwhile, all other internet traffic will flow through straight to the web servers.
Here I am in the EC2 console in the load balancing section. Popping open my load balancer, I'm simply going to copy the DNS name for the load balancer and open it up in a new browser tab. What we get back is nothing fancy, a simple demonstration web server. Switching screens, you can see that I'm logged into an EC2 instance. Note that the public IP address is in the upper right corner, 16.16.197.120. That's the address we're going to end up blocking. However, at this point, let's validate that we can get to the load balancer as expected. In a browser, I enter the address for the load balancer. As expected, I'm able to access it successfully.
Now let's go ahead and create an IP set that will identify this specific IP address. Back on my laptop, I'm going to click over to the tab where I have the web console open. From there, I'm going to search for WAF. Clicking on the resulting link takes me to the landing page for the WAF service. Since I know I need to create an IP set, I'm just going to go ahead and do that straight away. Clicking on the IP set link in the left-hand nav brings me to the IP sets page. To proceed, I'm going to go ahead and click create IP set.
The first thing I'll do is give this IP set a name. I'll also supply a description. The next thing I need to do is specify the AWS region where I want this IP set to be created. Recall that my load balancer is in the Ohio region, so that's what I'm going to specify here. Finally, all I need to do is enter the bad IP address in the IP addresses box. Note that the slash 32 at the end uniquely identifies that specific IP address. If I wanted to, I could be more expansive here and block an entire range of addresses. However, all I want to do for now is just block that one single address. So I'll go ahead, scroll to the bottom, and proceed by clicking the create IP set button.
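
The IP set and blocking rule from the transcript, written out as the request bodies the WAFv2 API takes, with a local check of what a /32 matches compared with a wider range. This is an added example, not part of the course or its exercise files; the set name, rule name and ARN are constructed placeholders, and no AWS call is made.

```python
import ipaddress

def normalize_cidrs(entries):
    """Canonical CIDR strings for one IP set; a set holds a single IP version."""
    if not entries:
        raise ValueError("an IP set needs at least one address")
    nets = []
    for entry in entries:
        # A bare address becomes a single-host network: /32 (IPv4) or /128 (IPv6).
        # strict=True rejects host bits set under the mask, e.g. 16.16.197.120/24.
        net = ipaddress.ip_network(entry.strip(), strict=True)
        if net.prefixlen == 0:
            raise ValueError(f"{entry}: a /0 range is not accepted in an IP set")
        nets.append(net)
    if len({n.version for n in nets}) > 1:
        raise ValueError("IPv4 and IPv6 addresses need separate IP sets")
    return [str(n) for n in nets]

def build_ip_set_request(name, description, entries):
    """Parameters for the WAFv2 CreateIPSet call; the Region is chosen on the
    client (us-east-2 is Ohio), and REGIONAL scope covers load balancers."""
    cidrs = normalize_cidrs(entries)
    version = ipaddress.ip_network(cidrs[0]).version
    return {"Name": name, "Description": description, "Scope": "REGIONAL",
            "IPAddressVersion": f"IPV{version}", "Addresses": cidrs}

def build_block_rule(name, ip_set_arn, priority=0):
    """Web ACL rule that blocks any request whose source IP is in the set."""
    return {
        "Name": name,
        "Priority": priority,
        "Statement": {"IPSetReferenceStatement": {"ARN": ip_set_arn}},
        "Action": {"Block": {}},
        "VisibilityConfig": {"SampledRequestsEnabled": True,
                             "CloudWatchMetricsEnabled": True, "MetricName": name},
    }

def is_blocked(client_ip, cidrs):
    """Local check of which source addresses the set's CIDRs would match."""
    addr = ipaddress.ip_address(client_ip)
    return any(addr in ipaddress.ip_network(c) for c in cidrs)

if __name__ == "__main__":
    # Constructed names; the address is the one from the transcript.
    req = build_ip_set_request("blocked-addresses", "demo block list", ["16.16.197.120"])
    print(req["Addresses"], is_blocked("16.16.197.121", req["Addresses"]))
```
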