Securing Cloud Application with NGFW and WAF02 June 2022 | admin
Nowadays more companies launch a product and implement their business on Cloud. Gartner predicts global Cloud spending in 2022 will increase 21,7% compared to last year.
The increasing adoption of Cloud Computing has made hackers start targeting Cloud application, not only on-premises IT infrastructure. In fact, attacks on applications in the Cloud are increasing. Cyber threats such as malware and ransomware are now starting to compromise the security of data stored in the Cloud.
Cloud service providers take security aspects seriously and will protect the core Cloud Computing infrastructure from hackers. However, customers also share responsibility for the cybersecurity of their systems in the Cloud service.
IaaS (Infrastructure as a Service) subscribers will not only have to protect their applications but also their data security and operating systems that are running on the virtual machine.
To make it easier for customers to protect their applications, Cloud service providers offer optional services. Two of them are Next-Generation Firewall on Cloud (NGFW) and Web Application Firewall (WAF).
Deployment of NGFW in Cloud Application
A firewall is the mainstay of the network managers to protect on-premises networks. Traditional firewalls provide a protection by allowing or blocking data traffic, based on state, port, protocol, and filtering data based on rules that have been determined by the network manager.
YOU MIGHT ALSO LIKE:
Not only has the capabilities of a traditional firewall, but Next-Generation Firewall (NGFW) scans the traffic on the network, identifies them, and blocks the malware. NGFW has the ability of the Deep Packet Inspection (DPI) to better identify cyber threats. Thanks to application awareness, NGFW can also grant permissions and block data traffic based on allowed and prohibited applications.
NGFW can also protect the Cloud infrastructure. Thus, the operating applications on the Cloud network can also be protected from various cyberattacks.
Deployment of WAF in Cloud Application
WAF (Web Application Firewall) is the kind of firewall that is tailored to protect web applications. If you install WAF on the Cloud, it can filter and monitor the HTTPS’ (Hypertext Transfer Protocol Secure) traffics between web application owned by Cloud user and the Internet, as well as protecting the original IP address by providing the virtual system a fake IP address. For example, if users receive the IP address of the website application from the search engine, then they will be directed to the WAF first before entering through the actual IP address.
According to the Data Breach Investigation Report (DBIR) in 2021, the attacks on a web application are the most widely used methods in data breaches. Therefore, web application security cannot be ignored if the company wants to protect their data.
OWASP (Open Web Application Security Project) recommends the use of WAF as one of the best practices to overcome common attacks against web applications, such as SQL injection (SQLi) or cross-site scripting (XSS).
Lintasarta Cloudeka’s customers can secure their Cloud application by installing the Next-Generation Firewall (NGFW) dan Web Application Firewall (WAF). Both are available as an add-on service from Lintasarta Cloudeka.
This NGFW On Cloud protection is the first Cloud security service, the one and only in Indonesia.
Meanwhile, Lintasarta WAF complements the protection provided by NGFW On Cloud. The WAF service also functions to prevent bot and DDoS (Distributed Denial of Service) attacks. Both services provide a monthly report feature for further analysis so that cybersecurity staff can take the necessary protective steps to anticipate the next cyberattack.
For more details about NGFW On Cloud and Deka WAF to protect your applications in Lintasarta Cloudeka, please contact us.