Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

AWF WAF Introduction

750 vues

Publié le

WAF(Web Application Firewall) Function, setting

Publié dans : Internet
  • Soyez le premier à commenter

AWF WAF Introduction

  1. 1. 아마존 웹서비스 - WAF 소개 순서 AWS – WAF (Web Application Firewall) 소개 -서비스 배경 -서비스 목적 -WAF (Web Application Firewall)의 장점 및 제한사항 -WAF (Web Application Firewall)기능 -WAF (Web Application Firewall)구성 절차 -WAF (Web Application Firewall) 셋팅 -AWS WAF vs Sophos UTM for AWS -Sophos UTM for AWS 특징 -AWS WAF vs Sophos UTM for AWS 기능비교
  2. 2. AWS – WAF 서비스 배경 -AWS의 Public 클라우드 환경에서 제공되는 VPC (Virtual Private Cloud)등의 Network ACL만으로는 Web, WAS등 서비스 포인트의 다양한 공격방어의 한계. AWS – WAF (Web Application Firewall) 소개
  3. 3. AWS – WAF 서비스 목적 -AWS의 CloudFront와 연동 -WAS 및 Web Code 방어, 기본적인 패턴 방어 지원 -Layer7에 준하는 필터링 제공 AWS – WAF (Web Application Firewall) 소개
  4. 4. AWS – WAF 장점 및 제한사항 -WAF의 장점 -AWS내에서 완벽히 작동 -심플한 구성, 비용이 저렴 (사용량 기준) -AWS CloudFront와 연동 -제한사항(Limits) -Web ACL당 Rule이 최대 10개 -Rule당 조건이 최대 10개 -String filter 10개 -IP 필터링 1000개 -CloudFrount를 통해서 배포 AWS – WAF (Web Application Firewall) 소개
  5. 5. AWS – WAF 기능 -대표(일반)적인 공격방어 제공 -공격성 IP차단 (1000개) -공격성 문자열 차단 -SQL Injection 방어 -연동 API AWS – WAF (Web Application Firewall) 소개
  6. 6. AWS – WAF 기능 AWS – WAF (Web Application Firewall) 소개 -String Match conditions 1
  7. 7. AWS – WAF 기능 AWS – WAF (Web Application Firewall) 소개 -String Match conditions 2
  8. 8. AWS – WAF 기능 AWS – WAF (Web Application Firewall) 소개 -String Match conditions 3
  9. 9. AWS – WAF 기능 AWS – WAF (Web Application Firewall) 소개 -String Match conditions 4
  10. 10. AWS – WAF 기능 AWS – WAF (Web Application Firewall) 소개 -String Match conditions 5
  11. 11. AWS – WAF 기능 AWS – WAF (Web Application Firewall) 소개 -String Match conditions 6
  12. 12. AWS – WAF 기능 AWS – WAF (Web Application Firewall) 소개 -Mixed Conditions
  13. 13. AWS –SQL Injection 방어 -SQL Injection 방어 (malicious SQL code)  Filter filed : (inspected filed) -Query String : ? __ -HTTP method : GET, POST, DEL -URI : /images/daily-ad.jpg -Header : Request header value  Transformation : reformat before inspect -Convert to lowercase -HTML decode -Remove whitespace characters -Simplify command line -URL decode -Value is base64 encoded AWS – WAF (Web Application Firewall) 소개
  14. 14. AWS –String match Conditions -Inspect for the string (malicious string)  Filter filed : (inspected filed) -Query String : ? __ -HTTP method : GET, POST, DEL -URI : /images/daily-ad.jpg -Header : Request header value  Transformation : reformat before inspect -Convert to lowercase -HTML decode -Remove whitespace characters -Simplify command line -URL decode -Value is base64 encoded  Value to match* : inspect for string AWS – WAF (Web Application Firewall) 소개
  15. 15. AWS – WAF 구성절차 - web ACL생성  Conditions 부여  Rule추가  CloudFront에 연계 배포 AWS – WAF (Web Application Firewall) 소개
  16. 16. AWS – WAF 셋팅 -web ACL생성  Conditions 부여  Rule추가  CloudFront에 연계 배포. AWS – WAF (Web Application Firewall) 소개
  17. 17. AWS – WAF 셋팅 -web ACL생성  Conditions 부여  Rule추가  CloudFront에 연계 배포. AWS – WAF (Web Application Firewall) 소개
  18. 18. AWS – WAF 셋팅 -web ACL생성  Conditions 부여  Rule추가  CloudFront에 연계 배포. AWS – WAF (Web Application Firewall) 소개
  19. 19. AWS – WAF 셋팅 -web ACL생성  Rule추가  Conditions 부여  CloudFront에 연계 배포 AWS – WAF (Web Application Firewall) 소개
  20. 20. Sophos UTM for AWS 특징 AWS – WAF (Web Application Firewall) 소개 -UTM Auto Scaling and High Availability -Web Application Firewall Protection -Secure Access VPN Gateway -Content Filtering for Virtual Desktops -Next-Gen Firewall Protecting and Reporting - Intrusion protection: inspection Engine - Flood protection: Dos and portscan blocking - Web filtering with 35-million sites - Web proxy with dual-engine antivirus -Easy Management - Role based administration - Configurable automated update service - Point-and-Click IPS rule management -Logging and Reporting - Build-in reporting - Per-user tracking and auditing - Executive report scheduling and archiving AWS marketplace – web application firewall https://aws.amazon.com/marketplace/search?page=1&searchTerms=web+a pplication+firewall Sophos UTM for AWS datasheet https://www.sophos.com/en-us/medialibrary/PDFs/marketing%20material/so phos-utm-for-aws-dsna.pdf
  21. 21. AWS WAF vs Sophos UTM for AWS 기능비교 AWS – WAF (Web Application Firewall) 소개 AWS WAF Sophos UTM for AWS 비 교 기 능 지원여부 지원여부 통합로그관리/분석 x o 통합관리툴 x o 리포팅 및 알림 x o AWS WAF: 다른모듈과 연동시 가능 (CloudWatch, Alert logic 등) 웹방화벽 o o IPS o o AWS WAF: 제한적 IPsets, rule, condition 적용가능 VPN x o 콘텐츠보안 o o AWS WAF: 제한적 String base 시그니쳐탐색 / 접근제한 안티바이러스/스팸 x o 실시간 모니터링 x o

×