Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Automating Content Protection at the Edge

456 views

Published on

For this session, we showcase some real-world use cases where you can use Amazon CloudFront logs, AWS WAF, and AWS Lambda to identify bad actors and block them. We also show tutorials and code samples that can help you analyze traffic patterns, and deploy new WAF rules.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Automating Content Protection at the Edge

  1. 1. © 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Nathan Dye AWS WAF Software Development Manager June 23, 2016 Automating Content Protection at the Edge
  2. 2. Agenda • Brief WAF Overview • Demos • Conclusion
  3. 3. Why use a WAF? Application Vulnerabilities Good users Bad guys Web server Database Exploit code
  4. 4. Use case for a WAF Content Abuse Good users Bad guys Web server Database
  5. 5. Another use case for a WAF Application DDoS Good users Bad guys Web server Database
  6. 6. What is AWS WAF? Edge Location AWS WAF Amazon CloudFront Elastic Load Balancing Amazon EC2 Amazon RDS
  7. 7. What is AWS WAF?
  8. 8. Customer case study Customer: Magazine Luiza • Large eCommerce platform in Brazil > than 700 stores Requirements: • Wanted protection days before Black Friday • Needed APIs for automation • Needed fast rule updates • Needed high-scale blocking
  9. 9. Customer categories for AWS WAF Ready-to-use Protection  SQLi  XSS Customizable Protection  Flexible Rules Engine  Size Constraint Rules, Body Inspection
  10. 10. Customer categories for AWS WAF Ready-to-use Protection  SQLi  XSS  Easy Automated Setup with Cloud Formation Templates  Setup Time: ~1 min Customizable Protection  Flexible Rules Engine  Size Constraint Rules, Body Inspection  Lambda Based Protection  Open Source GitHub Repository Automated Protections
  11. 11. Demo 1: Easy automated setup Protection Against Common Attacks  SQL injection attacks  Cross-site scripting attacks  IP Blacklist Edge Location Amazon CloudFront Elastic Load Balancing Amazon RDS Amazon EC2 AWS CloudFormationAWS WAF
  12. 12. Demo 1: Easy Automated Setup
  13. 13. Demo 2: Lambda based automated protection • Problem: HTTP Requesters Overwhelm Web Servers or Database Servers • Solution: Count Number of requests in CloudFront access logs and block offenders Attackers HTTP Floods (Rate Based Blacklisting)
  14. 14. Demo 2: Lambda based automated protection HTTP Floods (Rate Based Blacklisting) Good users (allowed on src ip) Bad users (blocked on src ip) Amazon CloudFront Elastic Load Balancing Amazon EC2 Amazon RDS AWS WAF CloudFront Logs in S3 AWS Lambda Amazon CloudWatch 1 3 2 4 AWS CloudFormation Stack
  15. 15. Demo 2: Lambda Based Automated Protection
  16. 16. More Lambda based automated protection HTTP floods Scans & probesIP reputation lists Bots & scrapers Attackers • Ready to use as-is • And Customizable
  17. 17. Session Takeaways CloudFront In Front of your Websites and APIs  TLS/SSL Acceleration  Improve Application performance without caching  Inherent DDoS Protection AWS WAF for Automated Protection  Easy Setup. Get started within minutes https://aws.amazon.com/waf/pr econfiguredrules/  Customizable Automated Protection. https://github.com/awslabs/aws -waf-sample
  18. 18. Thank you! @cloudfront https://aws.amazon.com/waf/ CloudFront.com

×