在 AWS 邊緣服務建置

加速您的網站和 API,將其擴展至數百萬使用者,並保護使用者免受 DDoS 攻擊、自動化惡意機器人和 CVE 入侵程式的危害。

效能與可用性

網際網路使用者日益期待回應式 Web 應用程式與 API 具有更低延遲及更高可用性。快速可靠的使用者體驗有助提高搜尋引擎排名,並增加使用者參與度。

解決網路威脅風險

可公開存取的 Web 應用程式與 API 面臨威脅,例如 OWASP 十大說明的常見漏洞,諸如 SQL 隱碼攻擊、惡意機器人自動化請求,以及可能影響可用性、破壞安全性或消耗過量資源的 DDoS 攻擊。

邊緣無伺服器

開發人員正在尋找工具來協助他們輕鬆建置現代 Web 應用程式,並無縫整合雲端或現場部署的來源。

開發人員希望保持 Web 應用程式的效能、彈性及安全性,因此將 AWS 邊緣服務引入其託管的基礎架構。AWS 邊緣服務包括 Amazon CloudFront (全球內容交付網路)、AWS WAF (用於管理應用程式層級威脅的安全性控制項)、Lambda@EdgeCloudFront Functions 等邊緣函數 (用於加強 Web 應用程式功能),以及 AWS Global Accelerator (網路層級加速器)。 

將 AWS 邊緣服務納入 Web 應用程式技術堆疊可增加多種好處:

  • 更快速的 Web:具快取、影像/文本壓縮以及現代網際網路通訊協定,例如 HTTP/3 與 TLS 1.3。透過終止來自分散式邊緣節點接近檢視器的 TLS 連線,並透過 AWS 的私有骨幹網路持續維持與來源的 TCP 連線來加速靜態與動態應用程式。
  • 更高的可靠性:具來源容錯移轉、連線重試與多區域架構。
  • 更多安全性控制項:例如強化 TLS 原則政策、存取控制、基礎架構層級的 DDoS 防護、利用 AWS WAF 封鎖 HTTP 泛洪、利用機器人控制功能管理自動化機器人流量,以及利用 AWS 威脅研究團隊的 AWS WAF 受管規則來防止 CVE 漏洞。
  • 邊緣功能:集中執行各項操作,例如重新導向、授權或在邊緣跨各項微服務進行 A/B 測試、啟用動態來源路由及請求調整等等。

AWS 邊緣服務有哪些新功能?

Showing results: 1-4
Total results: 118
  • 日期
1 30

精選講座

Showing results: 1-3
Total results: 29
  • 日期
  • The ideal micro-frontends platform (Formula One Testimony)

    How can I implement micro-frontends in my company? What recommendations do you have? In this session, get answers to these common questions. Discover the key characteristics necessary for constructing effective frontend distributed systems. Also learn the best practices and tools for developing micro frontends based on real-world examples.
    Case Study
    2024-12-09
  • Practical applications of edge compute in Amazon CloudFront, with AppsFlyer testimony

    With an increasingly more powerful serverless environment coupled with content delivery network (CDN) capabilities, Amazon CloudFront empowers developers to build web applications that execute functions closer to end users, tailoring content delivery to the unique needs of users. This session delves into how to leverage the latest edge compute features while optimizing for both performance and scalability. Learn best practices and patterns for deploying custom logic at the edge, enabling you to harness the full potential of CloudFront's evolving features.
    AWS re:Invent 2024
    2024-12-09
  • I didn’t know AWS WAF did this

    Securing web applications in today’s ever-evolving threat landscape is crucial. As threats evolve, so must security controls and countermeasures. In this chalk talk, dive into how AWS WAF seamlessly integrates with other AWS services, making it possible for you to construct a resilient, multi-layered defense strategy. Learn about uncommon use cases and how to address even the most unconventional threats.
    AWS re:Invent 2024
    2024-12-08
1 10

參考白皮書

Showing results: 1-5
Total results: 5
  • Whitepaper

    Implementing a bot control strategy on AWS

    The internet as we know it would not be possible without bots. Bots run automated tasks over the internet and simulate human activity or interaction. They allow businesses to build efficiency into processes and tasks. Useful bots, like web crawlers, index information on the internet and help us quickly find the most relevant information for our search queries. Bots are a good mechanism to improve business and provide value to companies. However, with time, bad actors started using bots as a means to abuse existing systems and applications in new and creative ways. Botnets are the best-known mechanism to scale bots and their impact. Botnets are networks of bots that are infected by malware and are under the control of a single party, known as the bot herder or bot operator. From one central point, the operator can command every computer on its botnet to simultaneously carry out a coordinated action, which is why botnets are also referred to as command-and-control (C2) systems. The scale of a botnet can be many millions of bots. A botnet helps the operator to perform large-scale actions. Because botnets remain under the control of a remote operator, infected machines can receive updates and change their behavior on the fly. As a result, for significant financial gain, C2 systems can rent access to segments of their botnet on the black market. The prevalence of botnets has continued to grow. It is considered by experts to be the favorite tool of bad actors. Mirai is one of the biggest botnets. It emerged in 2016, is still operational, and is estimated to have infected up to 350,000 Internet of Things (IoT) devices. This botnet has been adapted and used for many types of activities, including distributed denial of service (DDoS) attacks. More recently, bad actors tried to further obfuscate their activity and source their traffic by obtaining IP addresses through the use of residential proxy services. This creates a legitimate interconnected, peer-to-peer system that adds sophistication to the activity and makes it more challenging to detect and mitigate. This document focuses on the bot landscape, its effect on your applications, and the available strategies and mitigation options. This prescriptive guidance and its best practices help you understand and mitigate different types of bot attacks. In addition, this guide describes the AWS services and features that support a bot mitigation strategy and how each one can help you protect your applications. It also includes an overview of bot monitoring and best practices for optimizing solution costs.
    2024-02-24
  • Whitepaper

    Amazon CloudFront for Media Streaming

    This whitepaper is for media organizations interested in delivering streaming media content to their viewers using Amazon CloudFront. Media delivery has a unique set of characteristics requiring low latency, high reliability, and high scalability.
    2023-09-13
  • Whitepaper

    AWS Best Practices for DDoS Resiliency

    In this whitepaper, AWS provides you with prescriptive DDoS guidance to improve the resiliency of applications running on AWS.
    2023-08-09
  • Whitepaper

    Guidelines for Implementing AWS WAF

    This whitepaper outlines recommendations for implementing AWS WAF to protect existing and new web applications. This whitepaper applies to anyone who is tasked with protecting web applications.
    2022-01-19
  • Whitepaper

    Secure Content Delivery with Amazon CloudFront

    This whitepaper describes how Amazon CloudFront, a highly secure, managed service, can help architects and developers secure the delivery of their applications and content by providing useful, security-supporting features.
    2022-01-11
1

本頁對您是否有幫助?