[PFR] Create reference URL egress filtering add-on
jonrau1 opened this issue · 0 comments
jonrau1 commented
Story
As a user of SyntheticSun I want to have a URL filtering solution as an add-on so that I can utilize existing threat intel and automation infrastructure to provide protection against outbound communications to known malicious destinations.
Definition of Done
- Squid used for URL filtering, added in Appendix B
- Automation and configuration management scripts created to periodically update lists of malicious domains / URLs
- CloudFormation support for a new reference VPC using the solution
- Auto-scaled + load balanced Proxies
- Onboard Squid logs into SyntheticSun core solution
- Updated documentation
Nice to Have
- Fargate Services are used for Squid
- Multi-VPC egress pattern implemented via TGW
Additional Information
- https://hub.docker.com/r/sameersbn/squid/
- http://www.squid-cache.org/Doc/
- https://aws.amazon.com/blogs/security/how-to-add-dns-filtering-to-your-nat-instance-with-squid/
- https://aws.amazon.com/blogs/security/how-to-set-up-an-outbound-vpc-proxy-with-domain-whitelisting-and-content-filtering/
- https://aws.amazon.com/blogs/networking-and-content-delivery/how-to-use-aws-privatelink-to-secure-and-scale-web-filtering-using-explicit-proxy/
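
For the list-update item under Definition of Done, the following is an added sketch, not code from the issue or from SyntheticSun, of turning a mixed feed of URLs and domains into a Squid `dstdomain` blocklist. The feed contents, the function names and the file path in the comment are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed sample feed (not real indicators): URLs, bare domains, junk.
SAMPLE_FEED = """\
# constructed example feed
http://malware.example.com/payload.exe
HTTPS://Bad.Example.NET:8443/login?x=1
cdn.malware.example.com
example.org
.example.org
192.0.2.10
not a domain
"""
_LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

def to_domain(entry):
    """Return the lower-cased host of a feed entry, or None if not a DNS name."""
    entry = entry.strip()
    if not entry or entry.startswith("#"):
        return None
    if "://" not in entry:
        entry = "//" + entry  # make urlsplit treat a bare host as the netloc
    try:
        host = urlsplit(entry).hostname
    except ValueError:
        return None
    labels = (host or "").strip(".").lower().split(".")
    # Single labels and IPv4 literals do not belong in a dstdomain list
    # (IP addresses would go in a separate dst ACL).
    if len(labels) < 2 or labels[-1].isdigit():
        return None
    return ".".join(labels) if all(_LABEL.match(l) for l in labels) else None

def build_dstdomain(feed_text):
    """Deduplicate and drop entries already covered by a listed parent domain."""
    domains = {d for d in map(to_domain, feed_text.splitlines()) if d}
    kept = []
    # Fewest labels first, so a parent is always seen before its subdomains.
    for d in sorted(domains, key=lambda d: (d.count("."), d)):
        parts = d.split(".")
        parents = {".".join(parts[i:]) for i in range(1, len(parts) - 1)}
        if parents.isdisjoint(kept):
            kept.append(d)
    return ["." + d for d in sorted(kept)]  # leading dot also matches subdomains

# squid.conf usage (file path is an assumption):
#   acl blocked_domains dstdomain "/etc/squid/blocked_domains.txt"
#   http_access deny blocked_domains
if __name__ == "__main__":
    print("\n".join(build_dstdomain(SAMPLE_FEED)))
```

Reducing a URL to its host blocks the whole domain, which is broader than the original indicator; entries covered by a listed parent are dropped because Squid flags such overlaps when it parses a `dstdomain` list.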