Improve Security with Custom Rule Sets

Protect against massive cyberattacks with Edge Firewall

Maria Celeste Casali - Technical Writer
Improve Security with Custom Rule Sets

Massive cyberattacks are no longer a surprise. Hundreds of businesses have recently been affected by ransomware and ransom-based DDoS (distributed denial of service) attacks – with a huge impact on industries around the world and, consequently, our daily lives.

Since cybersecurity involves a range of security challenges, finding immediate responses to your company’s specific needs is a must. Businesses face a variety of threats beyond ransomware and DDoS attacks, which target services from the network to the application layer. And while a one-size-fits-all solution sounds good in theory, such solutions may add latency or involve complicated setup and management – two big drawbacks given that speed and responsiveness are crucial to combat today’s threats.

The good news is that Azion’s Edge Firewall provides programmable security at the edge in a secure, simple, and agile way. This means that DevSecOps can decide the best rules to protect websites and applications without having to write huge amounts of custom code from scratch.

To demonstrate this process, this blog post will provide a brief overview of Azion’s Edge Firewall and how you can create your own programmable rules through our Rules Engine to secure your entire application ecosystem. Follow us on a hands-on journey to get you set up and benefiting from our edge computing platform right away.

Getting to Know Azion’s Edge Firewall

Azion’s Edge Firewall is a programmable, modular and extensible firewall. You can create rules to secure your website against potential cybersecurity vulnerabilities by choosing the modules that best suit your needs:

  • DDoS Protection uses a modern approach to detect and mitigate attacks on the network, transport, and application layer – greatly reducing downtime risk without impacting your services’ performance.
  • Edge Functions enables serverless functions to be added to your applications, relieving your infrastructure by performing security functions closer to the user, providing increased agility and scalability.
  • Network Layer Protection allows for the creation of filters by IP/CIDR, ASN addresses, countries (geolocation), anti-botnet data feeds, or TOR networks by configuring Network Lists and business rules.
  • Web Application Firewall (WAF) protects your applications against OWASP Top 10 threats, such as SQL Injection and Cross-Site Scripting (XSS) and is based on scoring – not signatures. This way, Azion Edge Nodes can block malicious requests before they reach your application.

Learn how the Rules Engine can help you quickly program different use cases here.

The Rules Engine: Where It All Happens

The Rules Engine is at the core of edge applications on our platform, where your rules make security happen. But the Rules Engine need not apply only to SecOps teams – developers also can write security or business rules at the edge using this powerful engine. This flexibility enables organizations to share responsibility however they wish and according to their existing routines or new models.

As a result, you can implement security logic at the edge, create granular policies to protect your edge applications and meet local compliance requirements. That is, you can write custom rules through an intuitive interface to:

  • block or bypass a request;
  • create rate limits to prevent account takeover attacks (ATO);
  • run an edge function with your own security code; and
  • monitor traffic to identify threats.

You know your needs, and Azion Edge Firewall gives you the resources for you to set up your rules.

How It Works

Edge Firewall settings are called Rules Sets: the security rules that are applied to a group of domains and related modules. Within any Rules Set, you can configure your custom security rules in our Rules Engine.

When you define your set of security rules, each request to your application is first processed by Edge Firewall before ever reaching your application. The rules are composed of criteria and behaviors, where criteria represent the conditions for executing the rules and behaviors represent the actions and responses to be executed.

Rules processing is sequential, and you can use sets of variables and comparison operators within your rules criteria. If the conditions are met by an incoming request, the response of any triggered rule is executed until all the rules are processed or a finalizing behavior is found in the path – such as deny or drop, which are common response types, but many more custom types are possible.

Here are some practical examples to get started. You’ll find detailed guidance in ourdocumentation.

Creating Security Rules with the Rules Engine

New to Azion? Be Our Guest!

Create yourfree account to leverage from our platform. You’ll get a US$300 credit to use over 12 months so you can experience the full potential of our edge computing platform.

Step by step

Before setting up your security rules, you have to add at least one edge application.

Your journey starts now. Let’s go!

  1. Log into the Real-Time Manager. Select Edge Firewall from the Edge Computing menu. Click the Add Rule Set button and configure your Main settings: choose the Domains you would like to protect and the Edge Firewall Modules you wish to enable. Save your settings. You’ll be directed to the Edge Firewall interface where you will create your security rules.

  2. Now, select the Rules Engine tab and click New Rule to add a new rule. Here you will parameterize your rule with the criteria that will define the conditions for the execution of response. When you are done, Save your settings. See the example as follows:

Watch this video for a demonstration of this process.

Want to know more? Visit our Blog and sign up for our Newsletter to stay informed!

Wrapping Up

According to Gartner’s top security and risk trends for 2021, “when COVID-19 accelerated digital business, it also accelerated the trend wherein many digital assets — and individuals — are increasingly located outside of the traditional enterprise infrastructure.”

Additionally, ever-evolving methods of digital transformation and new technologies require security options that are flexible, agile and scalable — preparing companies to move into the future, but in a secure manner.

Thus, in a context of fast-paced technology, where the sophistication and number of cyberattacks opens new domains for cybercrimes in a frantic race, security is a crucial – if not the most important pillar – for companies’ success, integrity and quality of experience.

Discover how Azion can help you with these increasingly challenging cybersecurity demands, with high performance and ultra-low latency anywhere in the world, to enrich your users’ secure experience.

Create your free account today and explore Azion’s Edge Computing Platform – open, programmable and extensible. Give it a try and see all the advantages for yourself.

Now, tell us. What would you like to learn more about in our next posts? We also have a team of experts ready to talk to you.

stay up to date

Subscribe to our Newsletter

Get the latest product updates, event highlights, and tech industry insights delivered to your inbox.