Book Image

Implementing Cloud Design Patterns for AWS

Book Image

Implementing Cloud Design Patterns for AWS

Overview of this book

Table of Contents (18 chapters)
Implementing Cloud Design Patterns for AWS
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface
Index

Web application firewall pattern


The next pattern is not specific to the Cloud, but is important enough to mention. When securing a system it is one thing to prevent or limit access, but that is only a small scope of a much broader assessment. Suppose your database does not allow connection from anything other than the web instance that is connected to it.

While this means that no outside system can directly access the instance, it does not mean that they cannot compromise it and change that assertion. A traditional firewall or even Security Groups will never prevent behavior from individuals such as SQL injection and exploiting bugs in software. While the system administrators had a firewall rule in place of the database, someone might be able to modify that.

That is where intrusion detection systems and web application firewalls come into play. We will not discuss intrusion detection systems, but since we are on the topic of firewalls, we will touch lightly on what they are and how they...