Learn all you need to know about email best practices, deliverability, and tools with email whitepapers and ebooks.

Issue link: https://hub.dyn.com/i/1119883

Contents of this Issue


Page 39 of 57

common types of attacks. A WAF can protect against XSS attacks, SQL injection, and attacks designed to expose potentially sensitive data. WAFs can either block attacks completely or alert administra‐ tors about possible malicious activity. WAFs are highly customizable, making them ideal for vulnerabilities that have no known defenses. For example, if a vulnerability is dis‐ covered for a web application that would allow an attacker to access a direct object in an insecure manner, the security team can create a signature that blocks access to that direct object and quickly deploy it across all cloud providers. The WAF protects the web application while allowing legitimate traffic to continue flowing freely until you can deploy a better solution. Keeping up with the latest threats against web applications can be a challenge for even the most advanced organization. That is why most WAFs have a threat intelligence backend that automatically updates as new threats are discovered and ensures that protections are automatically deployed. Organizations get the best of both worlds: automatically deployed protections against the latest threats, and customized solutions specifically designed for their environ‐ ments. Even though WAFs can improve the security of a multicloud archi‐ tecture, they also add yet another layer of complexity. Too often, organizations deploy WAFs in a manner that protects the wrong applications, or winds up offering no additional protection at all. You need to carefully plan and consider WAF deployments early in the architecture design, not as an afterthought. The late addition of a WAF and poor WAF management can result in spending a lot of money for a solution that essentially does nothing. Network Monitoring To this point we have discussed building complex multicloud envi‐ ronments with multilayered security protections in place. But we also need to ensure that everything stays up and running, even though the complexity of multicloud deployments makes monitor‐ ing infrastructure difficult. In this section, we discuss network mon‐ itoring; the next section discusses security monitoring. The term "network monitoring" is actually a bit of a misnomer. Cer‐ tainly, monitoring traffic flows on the network is important, and a 34 | Chapter 3: Security in Multicloud Environments

Articles in this issue

view archives of eBooks - OreillyMultiCloudFinalEBOOK