基于 AWS 边缘服务构建

加快您的网站和 API 的速度,将其扩展到数百万用户,并保护它们免受 DDoS 攻击、自动恶意机器人和 CVE 漏洞的侵害。

性能和可用性

互联网用户越来越期待具有更低延迟和更高可用性的响应式 Web 应用程序和 API。快速可靠的用户体验有助于提高搜索引擎的排名,并提高用户参与度。

应对网络威胁的风险

可公开访问的 Web 应用程序和 API 面临各种威胁,例如 OWASP 前 10 名中描述的常见漏洞,如 SQL 注入、恶意机器人的自动请求以及可能影响可用性、危及安全性或消耗过多资源的 DDoS 攻击。

在边缘实现无服务器

开发人员正在寻找工具来帮助他们轻松构建现代 Web 应用程序,并与云端或本地的源代码无缝集成。

希望保持 Web 应用程序性能、恢复能力和安全的开发人员可以将 AWS 边缘服务引入其托管的基础设施。AWS 边缘服务包括 Amazon CloudFront(全球内容分发网络)、AWS WAF(用于管理应用程序层威胁的安全控件)、Lambda@EdgeCloudFront Functions 等边缘功能(用于增强 Web 应用程序的功能)以及 AWS Global Accelerator(网络级加速器)。 

将 AWS 边缘服务纳入 Web 应用程序技术堆栈可带来多重优势:

  • 更快的网络:采用缓存、图像/文本压缩以及 HTTP/3 和 TLS 1.3 等现代互联网协议。通过终止分布式边缘站点查看器附近的 TLS 连接,并通过 AWS 的专用骨干网络与源保持持久 TCP 连接,从而加速静态和动态应用程序。
  • 更高的可靠性:采用源失效转移、连接重试和多区域架构。
  • 更多安全控制措施:例如强制执行 TLS 策略、访问控制、基础设施层的 DDoS 保护、使用 AWS WAF 阻止 HTTP 泛洪、使用机器人控制功能管理自动机器人流量以及使用 AWS 威胁研究团队的 AWS WAF 托管规则防止 CVE 漏洞。
  • 边缘功能:集中执行边缘微服务间的重定向、授权或 A/B 测试等操作,启用动态源路由和请求适应等。

AWS 边缘服务有哪些新增功能?

Showing results: 1-4
Total results: 305
  • 日期
1 77

精选讲座

Showing results: 1-3
Total results: 29
  • 日期
  • The ideal micro-frontends platform (Formula One Testimony)

    How can I implement micro-frontends in my company? What recommendations do you have? In this session, get answers to these common questions. Discover the key characteristics necessary for constructing effective frontend distributed systems. Also learn the best practices and tools for developing micro frontends based on real-world examples.
    Case Study
    2024-12-09
  • Practical applications of edge compute in Amazon CloudFront, with AppsFlyer testimony

    With an increasingly more powerful serverless environment coupled with content delivery network (CDN) capabilities, Amazon CloudFront empowers developers to build web applications that execute functions closer to end users, tailoring content delivery to the unique needs of users. This session delves into how to leverage the latest edge compute features while optimizing for both performance and scalability. Learn best practices and patterns for deploying custom logic at the edge, enabling you to harness the full potential of CloudFront's evolving features.
    AWS re:Invent 2024
    2024-12-09
  • I didn’t know AWS WAF did this

    Securing web applications in today’s ever-evolving threat landscape is crucial. As threats evolve, so must security controls and countermeasures. In this chalk talk, dive into how AWS WAF seamlessly integrates with other AWS services, making it possible for you to construct a resilient, multi-layered defense strategy. Learn about uncommon use cases and how to address even the most unconventional threats.
    AWS re:Invent 2024
    2024-12-08
1 10

参考白皮书

Showing results: 1-5
Total results: 5
  • Whitepaper

    Implementing a bot control strategy on AWS

    The internet as we know it would not be possible without bots. Bots run automated tasks over the internet and simulate human activity or interaction. They allow businesses to build efficiency into processes and tasks. Useful bots, like web crawlers, index information on the internet and help us quickly find the most relevant information for our search queries. Bots are a good mechanism to improve business and provide value to companies. However, with time, bad actors started using bots as a means to abuse existing systems and applications in new and creative ways. Botnets are the best-known mechanism to scale bots and their impact. Botnets are networks of bots that are infected by malware and are under the control of a single party, known as the bot herder or bot operator. From one central point, the operator can command every computer on its botnet to simultaneously carry out a coordinated action, which is why botnets are also referred to as command-and-control (C2) systems. The scale of a botnet can be many millions of bots. A botnet helps the operator to perform large-scale actions. Because botnets remain under the control of a remote operator, infected machines can receive updates and change their behavior on the fly. As a result, for significant financial gain, C2 systems can rent access to segments of their botnet on the black market. The prevalence of botnets has continued to grow. It is considered by experts to be the favorite tool of bad actors. Mirai is one of the biggest botnets. It emerged in 2016, is still operational, and is estimated to have infected up to 350,000 Internet of Things (IoT) devices. This botnet has been adapted and used for many types of activities, including distributed denial of service (DDoS) attacks. More recently, bad actors tried to further obfuscate their activity and source their traffic by obtaining IP addresses through the use of residential proxy services. This creates a legitimate interconnected, peer-to-peer system that adds sophistication to the activity and makes it more challenging to detect and mitigate. This document focuses on the bot landscape, its effect on your applications, and the available strategies and mitigation options. This prescriptive guidance and its best practices help you understand and mitigate different types of bot attacks. In addition, this guide describes the AWS services and features that support a bot mitigation strategy and how each one can help you protect your applications. It also includes an overview of bot monitoring and best practices for optimizing solution costs.
    2024-02-24
  • Whitepaper

    Amazon CloudFront for Media Streaming

    This whitepaper is for media organizations interested in delivering streaming media content to their viewers using Amazon CloudFront. Media delivery has a unique set of characteristics requiring low latency, high reliability, and high scalability.
    2023-09-13
  • Whitepaper

    AWS Best Practices for DDoS Resiliency

    In this whitepaper, AWS provides you with prescriptive DDoS guidance to improve the resiliency of applications running on AWS.
    2023-08-09
  • Whitepaper

    Guidelines for Implementing AWS WAF

    This whitepaper outlines recommendations for implementing AWS WAF to protect existing and new web applications. This whitepaper applies to anyone who is tasked with protecting web applications.
    2022-01-19
  • Whitepaper

    Secure Content Delivery with Amazon CloudFront

    This whitepaper describes how Amazon CloudFront, a highly secure, managed service, can help architects and developers secure the delivery of their applications and content by providing useful, security-supporting features.
    2022-01-11
1

此页内容对您是否有帮助?