New Training: Filter Traffic with AWS Web Application Firewall

In this 5-video skill, CBT Nuggets trainer Bart Castle teaches you how to design for and implement intelligent traffic filtering using the AWS Web Application firewall. Learn how Application (Layer 7) firewalls differ from traditional network traffic filters and how to design appropriate filtering rules. Gain an understanding of the rules that can be combined into policies for robust logic. Watch this new AWS training.

Learn AWS with one of these courses:

• AWS Certified Security – Specialty

• AWS Certified SysOps Administrator – Associate

• AWS Certified Developer – Associate

This training includes:

• 5 videos

• 32 minutes of training

You’ll learn these topics in this skill:

• AWS WAF: Understanding the Benefits

• AWS WAF: Basics and Access Control Lists

• AWS WAF: Rule Conditions

• Firewall Manager Service: Initial Setup

• Firewall Manager Service: Security Policies

The AWS Web Application Firewall: The Crucial Basics

Amazon didn’t invent web application firewalls, but they have come close to perfecting their WAF for Amazon Web Services. In simple terms, a web application firewall can be an appliance, a server plugin or a programmatic filter. A WAF’s job is to protect a server running applications and ensure that hostile actors can’t make use of an application’s vulnerabilities to sneak their way into the server and move sideways and upwards to more sensitive and valuable data.

A WAF protects its applications and servers by monitoring the conversations that an application has with distant users and servers to make sure that there’s nothing in each conversation that could harm the server hosting your application. Technically, it’s monitoring HTTP applications for common attacks like cross-site scripting (XSS) or SQL injection.

The AWS WAF constantly provides protection to any web applications you have running on an AWS instance. With training, it’s possible to configure the settings of a WAF and set your own rules and filters, but much of AWS WAF’s functionality works out of the box with robust default settings. Amazon also publishes an API that you can use to create and deploy your own security rules or develop applications that integrate seamlessly with the WAF.