ELB Application Load Balancers Should Have Web Application Firewall (WAF) Enabled

This rule ensures that ELB application load balancers have Web Application Firewall (WAF) enabled for enhanced security.

Rule: ELB application load balancers should have Web Application Firewall (WAF) enabled
Framework: FedRAMP Moderate Revision 4
Severity: Medium

Rule Description:

ELB (Elastic Load Balancer) application load balancers should have the Web Application Firewall (WAF) enabled to meet the FedRAMP (Federal Risk and Authorization Management Program) Moderate Revision 4 compliance requirements. The WAF provides an additional layer of security by inspecting incoming web traffic and by detecting and mitigating potential web application attacks.

Troubleshooting Steps:

If the Web Application Firewall is not enabled on the ELB application load balancer, follow these troubleshooting steps:

  1. Identify the ELB application load balancer that needs the Web Application Firewall enabled.
  2. Check if the Web Application Firewall is already enabled on the Load Balancer. If it is already enabled, proceed to the next step. Otherwise, continue with the next troubleshooting steps.
  3. Verify that the AWS account has appropriate permissions to enable the Web Application Firewall.
  4. Check if the WAF WebACL (Web Access Control List) rules are properly configured to meet the required criteria for the FedRAMP Moderate Revision 4 compliance.
  5. Review the ELB Access logs to identify any potential web application attacks or vulnerabilities. This will help in adjusting the WAF rules and settings accordingly.
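
The check in steps 1 and 2, as an added example (not code from this page or from AWS): it lists every application load balancer that has no AWS WAF web ACL associated, using the boto3 calls `describe_load_balancers` and `get_web_acl_for_resource`. Assumptions: it queries the WAFv2 API only, `--live` needs boto3 and read-only credentials, and `SampleClient` with its ARNs is constructed sample data for an offline run.

```python
import sys

def albs_without_waf(elbv2, wafv2):
    """Return (name, arn) for each ALB with no WAFv2 web ACL associated.

    elbv2 and wafv2 are boto3 clients for the same region, or stand-ins
    that expose the same two calls.
    """
    missing = []
    for page in elbv2.get_paginator("describe_load_balancers").paginate():
        for lb in page["LoadBalancers"]:
            if lb.get("Type") != "application":
                continue  # only application load balancers are in scope
            arn = lb["LoadBalancerArn"]
            resp = wafv2.get_web_acl_for_resource(ResourceArn=arn)
            if not resp.get("WebACL"):  # key is absent when nothing is attached
                missing.append((lb["LoadBalancerName"], arn))
    return missing

# Constructed ARN prefix (documentation-style account id), not a real resource.
ARN = "arn:aws:elasticloadbalancing:us-east-1:111122223333:loadbalancer/"

class SampleClient:
    """Constructed sample data standing in for both clients (offline run)."""
    pages = [
        {"LoadBalancers": [
            {"LoadBalancerName": "shop", "Type": "application", "LoadBalancerArn": ARN + "app/shop/1111"},
            {"LoadBalancerName": "tcp-in", "Type": "network", "LoadBalancerArn": ARN + "net/tcp-in/2222"}]},
        {"LoadBalancers": [
            {"LoadBalancerName": "admin", "Type": "application", "LoadBalancerArn": ARN + "app/admin/3333"}]},
    ]
    protected = {ARN + "app/shop/1111"}  # ALBs that have a web ACL in the sample
    def get_paginator(self, operation): return self
    def paginate(self): return self.pages
    def get_web_acl_for_resource(self, ResourceArn):
        return {"WebACL": {"Name": "sample-acl"}} if ResourceArn in self.protected else {}

if __name__ == "__main__":
    if sys.argv[1:] == ["--live"]:
        import boto3  # assumption: boto3 installed, read-only credentials configured
        clients = boto3.client("elbv2"), boto3.client("wafv2")
    else:
        clients = SampleClient(), SampleClient()
    findings = albs_without_waf(*clients)
    for name, arn in findings:
        print(f"NON-COMPLIANT {name} {arn}")
    sys.exit(1 if findings else 0)
```

The non-zero exit status on any finding lets the script gate a scheduled compliance job; run it once per region in use.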

Necessary Codes:

No specific code is required to enable the Web Application Firewall on the ELB application load balancer. However, you need to use the AWS Management Console or the AWS CLI (Command-Line Interface) to enable the WAF. The following guide walks you through the necessary steps for enabling the Web Application Firewall on the ELB:

Step-by-Step Guide for Remediation:

  1. Log in to the AWS Management Console.
  2. Go to the Amazon EC2 service.
  3. Select "Load Balancers" from the left navigation pane.
  4. Identify the ELB application load balancer that needs the Web Application Firewall enabled.
  5. Select the Load Balancer and click on the "Listeners" tab.
  6. In the "Actions" column, click the "Edit rules" button.
  7. Add a new rule by clicking the "Add rule" button.
  8. Select the appropriate condition type based on the web application attacks you want to detect, such as "Cross-Site Scripting (XSS)" or "SQL Injection".
  9. Set up the necessary conditions and actions for the rule as per your security requirements.
  10. Click on the "Add rule" button to save the configuration.
  11. Test the configured WAF rules by sending test requests to the ELB application load balancer and evaluate the logged results.
  12. Adjust the WAF rules and settings as necessary based on the analysis of the logged results and detected threats.
  13. Once the WAF is successfully enabled and configured, you have met the requirement of having a Web Application Firewall enabled on the ELB application load balancer for FedRAMP Moderate Revision 4 compliance.

Note: The above steps outline the general process for enabling the Web Application Firewall on ELB application load balancers. The specific steps may differ as the AWS Management Console interface changes or is updated. Refer to the official AWS documentation for the most up-to-date steps and configurations.
