Web Application Firewall (WAF) Overview

  • WAF is a web application firewall that helps protect your web applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources.

  • WAF gives you control over how traffic reaches your applications by enabling you to create security rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules that filter out specific traffic patterns you define.

  • You can get started quickly using Managed Rules for WAF, a pre-configured set of rules managed by AWS or AWS Marketplace Sellers.

    • The Managed Rules for WAF address issues like the OWASP Top 10 security risks.

  • You can deploy WAF on CloudFront as part of your CDN solution, an Application Load Balancer or an API Gateway.

Firewall Manager

  • Firewall Manager simplifies your administration and maintenance tasks across multiple accounts and resources for WAF, Shield Advanced, VPC security groups, and Network Firewall.

  • With Firewall Manager, you set up your AWS WAF firewall rules, Shield Advanced protections, Amazon VPC security groups, and Network Firewall firewalls just once.

PreviousShieldNextNetworking for VPCs

Last updated