Difference between revisions of "ASL WAF"

From Atomicorp Wiki
Jump to: navigation, search
m (Introduction)
(Configuration)
Line 17: Line 17:
 
= Configuration =
 
= Configuration =
  
The ASL WAF is initially configured during the install of ASL.
+
The ASL WAF is initially configured during the install of ASL. If Apache is installed on the system, ASL will attempt to install the embedded WAF module.  If Apache is installed on the system via package management, then this will occur automatically and you will not need to configure the WAF further to protect an installed Apache instance. 
  
Once ASL is installed, you can configure the WAF through three parts of the ASL GUI:
+
Once ASL is installed, if you need to do so, you can configure the WAF through three parts of the ASL GUI:
  
 
== WAF Tab ==
 
== WAF Tab ==
Line 33: Line 33:
 
This type of WAF is used to protect any local HTTP and/or HTTPS services that may be running on the system itself, where the embedded WAF module can not be used.  For example, if the system was running a tomcat or litespeed, which do not support the WAF embedded WAF module.  You can configure a WAF to protect these services.
 
This type of WAF is used to protect any local HTTP and/or HTTPS services that may be running on the system itself, where the embedded WAF module can not be used.  For example, if the system was running a tomcat or litespeed, which do not support the WAF embedded WAF module.  You can configure a WAF to protect these services.
  
To setup a local WAF simply
+
To setup a local WAF simply follow these steps:
 +
 
 +
Step 1) Log into the ASL GUI
 +
 
 +
Step 2) Click the WAF tab
 +
 
 +
Step 3) Select WAF Config
 +
 
 +
This will pull up the WAF Config window, which will show the existing WAFs.
 +
 
 +
Step 4) Click "Enable T-WAF".  If you see "Disable T-WAF" this option has already been enabled.
 +
 
 +
Step 5) Click "Add"
 +
 
 +
This will will pull up the "Add WAF Config" window.
 +
 
 +
Step 6) Click on the  "Add protection for" drop down.  Select "local"
 +
 
 +
This will present you with two options:
 +
 
 +
Local Port:  Type in the local port you wish to protect. 
 +
 
 +
Note:  Check if you have any embedded WAFs installed on the system before you do this.  If you have an embedded WAF already installed on port 80, as should occur if you have Apache installed (and its package managed), then enabling the T-WAF in front of Apache would create a loop.  Its not necessary to put a WAF in front of a service that is protected via embedded mode.
 +
 
 +
SSL: Select this if the service you wish to protect is SSL based.
 +
 
 +
If you select SSL, then you will see this additional options:
 +
 
 +
Path to SSL Certificate: Provide the filesystem path to the SSL certificate for this service.
 +
 
 +
Path to SSL Key file: Provide the filesystem path to the SSL key file for this service.
 +
 
 +
Step 7) Then click Save
 +
 
 +
 
 +
 
 +
 
  
  
Line 48: Line 84:
  
 
The Rule manager can be used to configure individual WAF rules, such as what response the system such take for that rule, if an email or GUI alert should be presented, and so on.  The following are the options you can use for each rule:
 
The Rule manager can be used to configure individual WAF rules, such as what response the system such take for that rule, if an email or GUI alert should be presented, and so on.  The following are the options you can use for each rule:
 
  
 
= Usage =
 
= Usage =

Revision as of 12:53, 20 June 2012

Contents

Introduction

The ASL WAF has two non-exclusive modes operation:

1) Embedded mode

2) Proxy mode

Embedded mode

Embedded mode works with Apache 2.x. ASL will install a special module in Apache to give it native WAF protection capabilities. This installation will occur when ASL is installed.

Proxy mode

Proxy mode allows ASL to protect any HTTP and/or HTTPS service, either a local server (such as when using a web server that does not support embedded mode) or a remove server.

Configuration

The ASL WAF is initially configured during the install of ASL. If Apache is installed on the system, ASL will attempt to install the embedded WAF module. If Apache is installed on the system via package management, then this will occur automatically and you will not need to configure the WAF further to protect an installed Apache instance.

Once ASL is installed, if you need to do so, you can configure the WAF through three parts of the ASL GUI:

WAF Tab

This tab is used to setup the WAF. There are three types of WAF you can configure:

embedded

The embedded WAF is an apache module that is installed on any local Apache installations. This should be setup by default, if you are running apache on the system.

local

This type of WAF is used to protect any local HTTP and/or HTTPS services that may be running on the system itself, where the embedded WAF module can not be used. For example, if the system was running a tomcat or litespeed, which do not support the WAF embedded WAF module. You can configure a WAF to protect these services.

To setup a local WAF simply follow these steps:

Step 1) Log into the ASL GUI

Step 2) Click the WAF tab

Step 3) Select WAF Config

This will pull up the WAF Config window, which will show the existing WAFs.

Step 4) Click "Enable T-WAF". If you see "Disable T-WAF" this option has already been enabled.

Step 5) Click "Add"

This will will pull up the "Add WAF Config" window.

Step 6) Click on the "Add protection for" drop down. Select "local"

This will present you with two options:

Local Port: Type in the local port you wish to protect.

Note: Check if you have any embedded WAFs installed on the system before you do this. If you have an embedded WAF already installed on port 80, as should occur if you have Apache installed (and its package managed), then enabling the T-WAF in front of Apache would create a loop. Its not necessary to put a WAF in front of a service that is protected via embedded mode.

SSL: Select this if the service you wish to protect is SSL based.

If you select SSL, then you will see this additional options:

Path to SSL Certificate: Provide the filesystem path to the SSL certificate for this service.

Path to SSL Key file: Provide the filesystem path to the SSL key file for this service.

Step 7) Then click Save




remote

This type of WAF is used to protect any remote HTTP and/or HTTPS services that are not running on the system itself. For example, if you have a remote webserver you wish to protect, you can configure a WAF to protect these services.


To setup a remote WAF simply

ASL Configuration Settings

Rule Manager

The Rule manager can be used to configure individual WAF rules, such as what response the system such take for that rule, if an email or GUI alert should be presented, and so on. The following are the options you can use for each rule:

Usage

Events

Personal tools