Get started Bring yourself up to speed with our introductory content.

Eight tips to roll a service or app into an AWS deployment

5/9

Prevent outside attacks with AWS security services

Source:  Akindo/Getty Images
Visual Editor: Sarah Evans

When a dev team deploys a workload in AWS, the cloud provider doesn't protect that application from all external security threats, such as distributed denial-of-service (DDoS) attacks.

Even when an AWS infrastructure works properly, external attacks can reduce workload performance or render it unavailable. These types of attacks can stop an IT team in its tracks -- not to mention cost a fortune in wasted resources.

This makes it critical to use AWS security services when you integrate additional services or migrate new workloads into your deployment.

Amazon Route 53 and AWS load balancers can help scale workloads for normal variations in traffic, and they can effectively address brief spikes in demand. Admins can mitigate more deliberate or prolonged attacks through resilient deployment strategies, such as compute clusters and multiregion storage replication. If an attack targets an AWS deployment in one region, the other region usually continues to function -- albeit at reduced performance because of redirected traffic.

Cloud architects can use additional AWS security services, such as Shield and Web Application Firewall (WAF), to guard against deliberate attacks. For example, a free version of AWS Shield provides dedicated DDoS protection against common attacks at the network and transport layers. For a fee, Shield Advanced provides more insight into attacks, better integration with other native services and a dedicated support team to assist with attack remediation.

By contrast, AWS WAF specifically guards web-based applications against attacks that might threaten website security or availability. These types of attacks include cross-site scripting, SQL injection and DDoS.

Admins can apply custom rules to prohibit other undesirable traffic types or behaviors. AWS WAF works with other Amazon cloud services to monitor workload traffic and behaviors, as well as to spot potential malicious activity as it occurs in web apps.

View All Photo Stories

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

What are your biggest AWS security concerns?
Cancel

-ADS BY GOOGLE

SearchCloudApplications

TheServerSide.com

SearchSoftwareQuality

SearchCloudComputing

Close