Welcome to this episode of the Cloud Cadet Podcast. Today, Anthony and Christophe sit down with Linux Academy’s core OpenStack instructor, Stephen. Stephen has been an instructor with us for just about two years. He features our Linux Essentials course (which is where we suggest everyone should start), but today he’s going to be talking a little bit about AWS.
We’re going to set up a web application firewall, specifically, Barracuda’s WAF. Stephen shows you just how easy it is to use the marketplace to spin up the WAF and configure security groups to get it up and running.
While AWS has released their own WAF service, what we’re doing is adding an application layer, not necessarily a network firewall, so that you can do things like block specific requests or types of requests and white list public networks. AWS’s WAF integrates with their cloud services, but provides a limited amount of control, comparatively.
Amazon has made it so easy that you can now jump in head first. But to use the AWS WAF service, you need to be using a whole side CDN. However, here’s a couple of things to put in place first when going to use this WAF:
First you need to create a network interface that’s going to have a static IP address so that your firewall always has the same IP. He walks through getting there through elastic IPs. Then you move over to EC2 to spin up the needed instance using the marketplace. Barracuda also allows you to load-balance their WAF, which takes more setup but is a possibility. Finally, choose a security group and you’re good to go.
If you’re interested in checking out Stephen’s course, click here.
Stephen’s course starts off with basic security overviews and networking, rule creation with AWS, and the background of Barracuda and how you can use it to protect your AWS.
His new course coming out the end of February is specifically evolved around active directory, extending into AWS using its services and spinning up EC2 instances.
Next week, we’ll be talking to our co-host Christophe about a couple of hot topics, so be sure to stay tuned.