AWS serverless design - firewall WAF

2022-04-29

AWS serverless design - WAF

WAF false positives

When you run websites and web applications, introducing a WAF is essential. However, if the security level is too strict, the WAF may produce false positives and block normal communication. False positives will eventually make it harder for users to access your web applications. On the other hand, relaxing the security level too much increases the risk of network attacks. The WAF therefore needs to be adjusted appropriately.

Increased burden of operating costs

A security product such as a WAF incurs not only an initial cost but also operating costs. Among these, tuning is what most characterizes the operating cost. Although it depends on how the WAF is used, signatures generally need to be changed as soon as a new vulnerability is found, so if the supplier has to do the tuning every time, the operating cost can be expected to be considerable.
In addition, if you hire a security expert, you will have to pay reasonable labor costs.
As usage grows, you can expect an initial cost of about 2-3 × 10,000 yuan or more and an operating cost of tens of thousands of yuan or more per year. For private media whose purpose is branding, it is undeniable that cost-effectiveness may be low.

Risk of website interruption

In addition, when operating a WAF, you must be aware of the risk of website disruption. The entire site may be closed or signed off by the supplier without authorization. Such an interruption is a huge loss of opportunity, especially for companies that make a lot of profit from the web. However, you can consider installing more WAFs to solve this problem.

