Deployment of Cybersecurity Appliances with IaC

Nowadays, cybersecurity is an increasingly important aspect to be taken into account by organizations and companies due to the growing number of attacks that threaten their sensitive information. Therefore, proper network monitoring and management allows companies to quickly detect and mitigate mali...

ver descrição completa

Detalhes bibliográficos
Autor: López I Valero, Raúl
Formato: tesis de maestría
Fecha de publicación:2023
País:España
Recursos:Universitat Politècnica de Catalunya (UPC)
Repositorio:UPCommons. Portal del coneixement obert de la UPC
Idioma:inglés
OAI Identifier:oai:upcommons.upc.edu:2117/399693
Acesso em linha:https://hdl.handle.net/2117/399693
Access Level:acceso embargado
Palavra-chave:Computer security
Cybersecurity
Appliances
IaC
Infrastructure
WAF
Orchestration
Pentesting
Ciberseguridad
Infraestructura
Orquestación
Seguretat informàtica
Àrees temàtiques de la UPC::Informàtica::Seguretat informàtica
Descrição
Resumo:Nowadays, cybersecurity is an increasingly important aspect to be taken into account by organizations and companies due to the growing number of attacks that threaten their sensitive information. Therefore, proper network monitoring and management allows companies to quickly detect and mitigate malicious attacks and service failures. The context of this TFM involves the development of a software capable of deploying a software-based Web Application Firewall (WAF) cybersecurity appliance in the network infrastructure of GMV's client companies. A WAF is responsible for providing protection to the web application server against a wide range of cyber-attacks. The primary function of the WAF is to ensure the security of the web server by analyzing the request packets and HTTP traffic patterns sent to it, filtering and blocking any requests that do not comply with the firewall rules before they reach the web application. The objective of this project is to study and develop a new service to offer with lower installation and management costs using the concept of Infrastructure as Code (IaC). To this end, a research, proposal, design and implementation of a software has been performed to extend the scope of the company with an alternative solution to the installation of physical appliances. The service is designed to operate on demand, creating the infrastructure along and automating the process of installing the preconfigured cybersecurity appliances in Docker containers that can be orchestrated with an orchestrator tool.