AWS WAF Pros and Cons

Monitoring is one part which is very essentials eg, VPC flow logs, s3 logs, API logs, system logs with aggregators etc . But analysing the logs as centralized hub , security hub provides the context. Along side coming to compliance , macie with its AI ML models , able to identify PII in S3. More that these, custome logs can also be formatter into ASAF using services like Lamba intervined. Which threat own threat intelligence capablitiy and custom integration to SIEM solution offers visibility across the environment. Apart from service, aws provides a lot of resources for industary standards and that keeps us upto date and skilled. Support is alwasys a second option , as I get everything from easy documented materials. Day to day getting used, gave a clear explames of scenarios where I can act upon a breach or an event with the available service. which helped me to understand the risks and what security controls are needed. Review collected by and hosted on G2.com.

Image recongnikition where photocopies of Sensitive information are elsewhere, not sure where to get the docs. But with few service capablities, was able to do it. Review collected by and hosted on G2.com.

AWS WAF protects web applications from common web exploities. The user can create a policy and take control over the block and filters. AWS WAF can easily be integrated and managed by the Amazon firewall manager and can be easily implemented in the Amazon cloud platform. The user can monitor and frequently analyze the incoming network traffic. Customer support is very responsive and satisfactory which help the user to fix issues in less time. Review collected by and hosted on G2.com.

The pricing of AWS WAF is based on the components like Web ACL, Rule, Bot control and fraud Control. which make a user to pay part by part which is bit annoying. Review collected by and hosted on G2.com.

AWS has good number of services which are best among all Cloud service providers for me like AWS Transist Gateway to support Hub and Spoke architecture, AWS WAF and Shield for L3,L4 & L7 attacks, AWS IAM, AWS Gurd duty, AWS Inspector etc Review collected by and hosted on G2.com.

AWS Shield advance service needs an improvement to protect from every type of DDoS attacks as it was failed twice to detect DDoS attacks and failed to protect our resources and systems where inaccessible during DDoS attack simulation Review collected by and hosted on G2.com.

AWS Cloud security is the bedlock of digital trust, offering multi-layered defense that anticipates and neutralizes cyber threats. With unrivaled compliance adherence and dynamic adaptability, it stands as the epitome of safe guarding in the ever-evolving relam of cloud computing. Review collected by and hosted on G2.com.

AWS vloud security only disappointment is its convoluted interface and lacks user-friendly features. Review collected by and hosted on G2.com.

WAF can provide different levels of security. We will be able to implement it in the root level. We can make rules to allow or block access that meets conditions. Review collected by and hosted on G2.com.

Initially it was too tough for me to tackle WAF as the concepts are bit complex to understand. Review collected by and hosted on G2.com.

AWS waf comes with best set of Rules for filtering out the malicious IP's. It is very easy to implement as we can create the rules using AWS rules. Also , we can create large number of rules according to the priority . It is great platform to integate with load balancers etc. I liked how the customer support is avalialble 27 7 for any issues. Review collected by and hosted on G2.com.

Cost can be addded when we set up more rules Review collected by and hosted on G2.com.

Comprehensive security suite: AWS offers a vast array of security tools and services, covering everything from access management to data encryption and threat detection. This one-stop shop simplifies security implementation and reduces the need for third-party solutions.

Granular control: AWS allows you to fine-tune security settings based on your specific needs and risk tolerance. This level of customization empowers organizations to build a security posture that aligns with their unique environment.

Compliance-focused: AWS provides built-in features and pre-configured compliance frameworks that help organizations meet industry regulations and internal policies. This can significantly streamline compliance audits and reporting processes. Review collected by and hosted on G2.com.

Complexity: The sheer breadth of AWS security offerings can be overwhelming for new users. Navigating the different services and understanding their interactions can be a steep learning curve, even for experienced IT professionals.

Pricing: While AWS offers a free tier for some services, many essential security features come at a cost. The pricing structure can be complex, making it difficult to accurately estimate and budget for security expenses.

Limited visibility: While AWS provides tools for monitoring and analyzing security events, the default dashboards can lack depth and customization options. For organizations with complex security needs, building comprehensive security reports may require additional tools or expertise. Review collected by and hosted on G2.com.

The most helpful aspects and upsides of using AWS WAF are:

1.Security enchancement - AWS WAF helps in enchancing the security of your web applications by protecting them from a wide range of online threats, such as SQL injection, cross-site scripting(XSS) and more.

2.Customizable Rules: AWS WAF offers a high degree of customization, allowing you to creates rules and regulations tailored to your specific application's needs.

3.Scalability: AWS WAF scales with your's applications needs. you can handle varying level of traffic and adjust your rules and policies accordingly. Review collected by and hosted on G2.com.

While AWS WAF offers many benefits, there are also some potentials downsides of using AWS WAF, which are states below:

1.Costs: While the AWS WAF offers pay-as-you go pricing model, cost can add up, especially for large scale application with high traffic volumes and complex rules sets.

2.Regional Deployment:AWS WAF is deployed regionally, which means you need to configure it separately in each AWS Region where application is hosted. this can add up complexity if your application spans multiple regions. Review collected by and hosted on G2.com.

- Easy integration setup for AWS cloudfront and load balancers

- Bot traffic and maliciuos requests can be easily blocked

- AWS Managed rules provides a quick start to secure requests

- Allows to customize response when requests are blocked

- Has a Count feature which allows to validate requests before enabling action on the rule Review collected by and hosted on G2.com.

- Multiple rule setup and priority leads to complications

- Costs can add up as it proportional to the request count Review collected by and hosted on G2.com.

AWS native WAF can be easily integrated with Application Load Balancer with which we can allow Internet bound Inbound traffic directly on ALB. Same ALB can be protected by AWS Shield, with this we can achieve DDoS L3, L4 & L7 protection. Also AWS WAF supports third party vendor managed rules i.e. F5, Imperva etc to add in WEB ACL Review collected by and hosted on G2.com.

AWS managed WAF rules has limitations of protecting against OWASP top 10 attack pattern i.e. if you change SQL injection attack pattern, AWS Managed WAF rules failed to block it. AWS needs to work on such sort of things. Review collected by and hosted on G2.com.