Overview
This page lists changes from WafCharm Dashboard including name changes to features changes.
Changes
- Changed the name from WafCharm Dashboard to WafCharm Console.
- Changed the URL to
https://console.wafcharm.com/ja. - All users can view the number of logs on the dashboard page.
- Changed the name from Blacklist to Denylist.
- Changed the name from Whitelist to Allowlist.
- The blacklist excluding feature is now available to users on the console as Exclusion Settings from the dynamic denylist.
- 3 methods for credential registration are available.
- Credential registration via CloudFormation is now available.
- Changed the rule systems.
- Legacy rule policy: the rule system from the old WafCharm dashboard.
- Only the Legacy rule policy is available for old plan users.
- Parts of new features are unavailable.
- Advanced rule policy: A new rule system available from WafCharm Console.
- New plan users can select this rule policy as well as Legacy.
- All new features are available.
- Changed the required logs from access log to WAF log when using Advanced rule policy.
- Access log integration is required for old plan with Legacy rule policy with ALB or CloudFront.
- Changed WAF log retrieval method.
- Easy opt-in for WAF log retrieval (the new method) with a checkbox for Advanced rule policy.
- For the Legacy rule policy, both old (transferring WAF logs using Lambda) and new methods are available.
- WAF log retrieval (new method) will provide dashboard feature showing detection status and providing WAF log searching feature.
- Managed Rules feature is obsolete (AWS WAF Classic only).
Correspondence table
AWS
Features | AWS WAF v2 (new plan/AWS Marketplace ver.) | AWS WAF v2 (old plan) | AWS WAF Classic (old plan) |
|---|
Name change (WafCharm Console) | Applicable | Applicable | Applicable |
URL change | Applicable | Applicable | Applicable |
All users can view the number of logs on the dashboard page | Applicable | Applicable | Applicable |
Name change (from Blacklist to Denylist) | Applicable | Applicable | Applicable |
Name change (from Whitelist to Allowlist) | Applicable | Applicable | Applicable |
Denylist's exclusion setting (previously exclusion from blacklist) | Applicable | Applicable | Applicable |
Credential configuration with CloudFormation | Applicable | Applicable | Applicable |
Advanced rule policy | Applicable | Not available | Not available |
Legacy rule policy *The same rule policy as the old WafCharm dashboard | Applicable | Applicable | Applicable |
Rule config (IP address Allowlist, Denylist) | Applicable | Applicable | Applicable |
Rule config (rate-based) | Applicable | Not available | Not available |
Rule config (geo-match) | Applicable | Not available | Not available |
Rule config (Bot detection) | Applicable | Not available | Not available |
Rule config (Regex rules, Legacy's default rules) | Applicable | Applicable | Applicable |
Access logs integration | Applicable (for Legacy only) | Applicable | Applicable |
WAF log retrieval (new method) | Applicable | Applicable | Applicable |
WAF log transfer (old method) | Applicable (for Legacy only) | Applicable | Applicable |
WAF log alert config | Applicable (for Legacy only) | Applicable | Applicable |
WAF log search | Applicable | Applicable (with new method) | Applicable (with new method) |
Detection status (dashboard feature) | Applicable | Applicable (with new method) | Applicable (with new method) |
Notes
Notes on AWS WAF v2
- If both WAF log transfer (old method) and WAF log retrieval (new method) are enabled on a WAF Config with Legacy rule policy, both WAF log alert features will also be enabled. It is recommended that only one method be enabled to avoid receiving duplicate detection notification emails.
- Due to the structure update, the number of rules applied in the Advanced rule policy is different from that in the Legacy rule policy. In the Advanced rule policy, 49 regular expression rules (default rules responding to common web attacks) are applied.
- The AWS WAF pricing may change if the number of rules is different. For more information, please refer to the AWS WAF Pricing page.
- The migration feature from the old plan to the new plan is currently unavailable. If you would like to migrate to the new plan, please contact the WafCharm support team.
Notes on AWS WAF Classic
- Sign-up for the old plan has stopped. New accounts cannot use AWS WAF Classic.
- AWS WAF Classic can only select the old plan and Legacy rule policy and cannot migrate to a new plan (Legacy/Advanced). Please migrate to AWS WAF v2 first.
- The Managed Rules feature for AWS WAF Classic that was used when WafCharm was used with CSC's Managed Rules is now obsolete. Please use the AWS management console to change the rule actions of CSC's Managed Rules.