Rule: ELB Application Load Balancers with WAF Enabled

Ensure all ELB application load balancers have Web Application Firewall (WAF) enabled.

Rule: ELB application load balancers should have Web Application Firewall (WAF) enabled

Framework: RBI Cyber Security Framework

Severity: Medium

Rule Description:

As per the RBI (Reserve Bank of India) Cyber Security Framework, all ELB (Elastic Load Balancer) application load balancers should have the Web Application Firewall (WAF) enabled. WAF is a security feature that helps protect web applications from common web exploits and vulnerabilities.

Troubleshooting Steps:

If the Web Application Firewall is not enabled on the ELB, the following troubleshooting steps can be taken:

  1. Verify WAF Availability: Check if the AWS account has the Web Application Firewall service available in the respective region. If not, consider using a region where WAF is available.

  2. Check ELB Configuration: Verify that the ELB application load balancer is properly configured and associated with the desired web application.

  3. Enable WAF: Enable the Web Application Firewall feature on the ELB. If it is not already enabled, follow the steps below to enable WAF.

Necessary Codes:

No specific codes are needed for this configuration.

Step-by-Step Guide for Remediation:

  1. Login to the AWS Management Console.

  2. Go to the EC2 service.

  3. Select "Load Balancers" from the left-hand menu.

  4. Identify the ELB application load balancer that needs the Web Application Firewall enabled and click on its name.

  5. In the load balancer details page, click on the "Add/Edit Rules" button next to the "Web Application Firewall (WAF)" section.

  6. On the Web Application Firewall page, click on the "Create Web ACL (Application Load Balancer)" button.

  7. Provide a name for the Web ACL and define the IP address type (IPv4 or IPv6).

  8. Configure the Rule Groups: Select the appropriate rule groups based on your application's requirements and security policies. These rule groups contain predefined rules to protect against common web vulnerabilities.

  9. Associate the Web ACL with the desired AWS resources: In the "Associate Web ACL" section, select the appropriate option to associate the Web ACL with your ELB application load balancer.

  10. Review the configurations and click on the "Create" button.

  11. Wait for the Web ACL to be created and associated with the ELB application load balancer.

  12. Test your application traffic to ensure that the Web Application Firewall is working as expected.

Note: The mentioned steps are specific to AWS. If you are using a different cloud provider or infrastructure, refer to their documentation for enabling Web Application Firewall on the respective load balancer.
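To confirm the outcome of the remediation across a whole region rather than one load balancer at a time, the check below lists every application load balancer that has no WAFv2 web ACL associated. It is an added example, not part of the original rule page or of any vendor tooling; the function names, the stand-in client classes, and the account ID, region and load balancer names in the sample data are constructed for illustration.

```python
def albs_without_waf(elbv2, wafv2):
    """Return sorted names of ALBs in one region with no WAFv2 web ACL.

    Pass boto3.client("elbv2") and boto3.client("wafv2") for the same region.
    WAF Classic associations are not inspected (a limit of this example).
    """
    missing = []
    for page in elbv2.get_paginator("describe_load_balancers").paginate():
        for lb in page["LoadBalancers"]:
            if lb.get("Type") != "application":
                continue  # the rule covers application load balancers only
            resp = wafv2.get_web_acl_for_resource(ResourceArn=lb["LoadBalancerArn"])
            if not resp.get("WebACL"):  # no WebACL in the response: nothing associated
                missing.append(lb["LoadBalancerName"])
    return sorted(missing)

# Constructed stand-ins for the two clients so the check runs offline.
class FakeElbv2:
    def __init__(self, pages):
        self._pages = pages
    def get_paginator(self, operation):
        return self
    def paginate(self):
        return iter(self._pages)

class FakeWafv2:
    def __init__(self, associations):
        self._assoc = associations  # {load balancer ARN: web ACL name}
    def get_web_acl_for_resource(self, ResourceArn):
        name = self._assoc.get(ResourceArn)
        return {"WebACL": {"Name": name}} if name else {}

def lb_record(name, lb_type):
    """Build one constructed describe_load_balancers entry."""
    arn = f"arn:aws:elasticloadbalancing:ap-south-1:111122223333:loadbalancer/{name}"
    return {"LoadBalancerName": name, "LoadBalancerArn": arn, "Type": lb_type}

def demo():
    """Constructed inventory: two ALBs (one protected) and one NLB."""
    lbs = [lb_record("payments", "application"), lb_record("portal", "application"),
           lb_record("mq", "network")]
    elbv2 = FakeElbv2([{"LoadBalancers": lbs[:2]}, {"LoadBalancers": lbs[2:]}])
    wafv2 = FakeWafv2({lbs[0]["LoadBalancerArn"]: "baseline-acl"})
    return albs_without_waf(elbv2, wafv2)

if __name__ == "__main__":
    print(demo())
```

An empty result means every application load balancer in that region has a web ACL associated; run it once per region in use, since both clients are regional.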
