Protect Your Web Applications with a Firewall That Understands Your AWS Environment

Protect Your Web Applications with a Firewall

MediaTemple & CloudTweaks Thought Leadership Brand Series

As cloud computing moves closer and closer to the center of business operations, there are more threats than ever from malicious players looking to hack or disrupt the flow of data. It seems that every month there are stories about huge data hacks where millions of users’ most private information is stolen by shadowy, well-organized groups of criminals.

In sports, coaches often say that attack is the best form of defense. On the web, that thinking can be applied to the use of firewalls that  can block malicious requests before they reach your server.  The AWS Web Application Firewall (“WAF”) includes a full-featured API, in addition to the AWS Management Console, that can be used to automate the creation, deployment, and maintenance of web security rules.

5 Of The Most Common Attacks You May Experience

  • DDoS Attack: Using an overwhelming flood of internet traffic, malicious actors attempt to disrupt the normal flow of information to and from a server by using multiple exploited machines and IoT devices.
  • Bad Bots: Malicious users can hide their identities behind bad bots “which can be used for many different purposes, such as price scraping, Distributed Denial of Service (“DDoS”) attacks, account takeover, and many more malicious ways that defraud a brand or website.”
  • Cross-site Scripting (XSS): A common vulnerability that dupes an application into sending a malicious script through the browser, which then believes the script is coming from the trusted website.
  • HTTP Floods: ‘a type of DDoS attack in which the attacker exploits seemingly-legitimate HTTP GET or POST requests to attack a web server or application. … This makes HTTP flood attacks significantly harder to detect and block.”
  • SQL Injection: A code injection technique where malicious code is inserted into the SQL statements. It’s designed to force a database to dump its contents to the attacker.

It’s not enough to be protected from some threats but not others. A broad overview of the security environment needs to be developed and monitored in real-time.

Companies are increasingly turning to cloud deployments for their rich feature set, improved time to market and significant cost savings over traditional infrastructure,” according to the CTO of Drawbridge Partners, Viktor Tadijanovic.While cloud technology can be made very secure, the array of available configurable options must be taken into serious consideration. Maintaining cybersecurity and compliance can be challenging if resource provisioning is not thoughtfully planned, especially as the ease of provisioning new resources leaves the potential threat of resource sprawl and minimal controls. Implementing uniform policies holistically over the entire cloud infrastructure is crucial to maintaining a secure and compliant program.”

One of the most effective tools to monitor your cloud security is through Amazon’s Web Application Firewall that ‘gives you control over which traffic to allow or block to your web applications by defining customizable web security rules.’

Media Temple deploys the AWS WAF via its Managed Cloud offering in order to keep your site safe, reduce potential downtime and protect your customers. Our WAF setup is setup to block 10 universal attacks, and can also be extended to a full custom rule set which will..Prevent hacks and vulnerability exploits

  • Stop brute force attempts on site login pages
  • Protect against the OWASP Top 10 and more
  • Mitigate Distributed Denial-of-Service (DDoS) attacks

We also make certain that WAF is seamlessly integrated with your Amazon CloudFront so that all your rules run in AWS CloudFront Edge locations that are closest to your clients, as well as the ability to block or blacklist full subnets of IPs.

Security is vital, but it should not come at the expense of performance.

That’s why Media Temple uses a global content delivery network (“CDN”), advanced content optimization, and caching in order to ensure high-speed delivery that is still 100% secure.

Our state-of-the-art CDN and WAF systems offer you faster load times around the world, as well as reduced bandwidth on your primary server and secure end-to-end encryption for SSL. Together, the software blocks hacks and attacks and virtually patches Vulnerabilities and offers peace of mind for you to deploy your most sensitive applications, and your most valuable data, to the cloud.

Media Temple’s CDN & WAF solution is available for all our hosting customers through our Cloud Managed Services. If you’re ready for a more complete security package, then click here and find out what MediaTemple can do for you.

By Jeremy Daniel

Derrek Schutman

Providing Robust Digital Capabilities by Building a Digital Enablement Layer

Building a Digital Enablement Layer Most Digital Service Providers (DSPs) aim to provide digital capabilities to customers but struggle to transform with legacy O/BSS systems. According to McKinsey research, 70% of digital transformation projects don’t ...
Gamestop NFT

Could GameStop Issue An NFT Dividend?

NFT Dividends A Non-Fungible Token (NFT) is a piece of data that is stored on a blockchain that certifies a digital asset to be unique. An NFT can represent pictures, videos, GIFs, audio and other ...
Jim Fagan

Behind The Headlines: Capacity For The Rest Of Us

Capacity For The Rest Of Us We live in the connected age, and the rise of cloud computing that creates previously unheard of value in our professional and personal lives is at the very heart ...
Alex Tkatch

Dare to Innovate: 3 Best Practices for Designing and Executing a New Product Launch

Best Practices for Designing and Executing a Product Launch Nothing in entrepreneurial life is more exciting, frustrating, time-consuming and uncertain than launching a new product. Creating something new and different can be exhilarating, assuming everything ...
Matrix

Are We Building The Matrix?…

When sci-fi films like Tom Cruise’s Oblivion depict humans living in the clouds, we imagine that humanity might one day leave our primitive dwellings attached to the ground and ascend to floating castles in the ...

CLOUD MONITORING

The CloudTweaks technology lists will include updated resources to leading services from around the globe. Examples include leading IT Monitoring Services, Bootcamps, VPNs, CDNs, Reseller Programs and much more...

  • Opsview

    Opsview

    Opsview is a global privately held IT Systems Management software company whose core product, Opsview Enterprise was released in 2009. The company has offices in the UK and USA, boasting some 35,000 corporate clients. Their prominent clients include Cisco, MIT, Allianz, NewVoiceMedia, Active Network, and University of Surrey.

  • Nagios

    Nagios

    Nagios is one of the leading vendors of IT monitoring and management tools offering cloud monitoring capabilities for AWS, EC2 (Elastic Compute Cloud) and S3 (Simple Storage Service). Their products include infrastructure, server, and network monitoring solutions like Nagios XI, Nagios Log Server, and Nagios Network Analyzer.

  • Datadog

    DataDog

    DataDog is a startup based out of New York which secured $31 Million in series C funding. They are quickly making a name for themselves and have a truly impressive client list with the likes of Adobe, Salesforce, HP, Facebook and many others.

  • Sematext Logo

    Sematext

    Sematext bridges the gap between performance monitoring, real user monitoring, transaction tracing, and logs. Sematext all-in-one monitoring platform gives businesses full-stack visibility by exposing logs, metrics, and traces through a single Cloud or On-Premise solution. Sematext helps smart DevOps teams move faster.