Revision as of 14:57, 16 June 2012 (edit) Mshinn (Talk | contribs) (Created page with "= Introduction = = Configuration = The ASL WAF is initially configured during the install of ASL. Once ASL is installed, you can configure the WAF through three parts of th...")		Revision as of 15:00, 16 June 2012 (edit) (undo) Mshinn (Talk | contribs) m (→‎Introduction) Newer edit →
Line 1:		Line 1:
	= Introduction =		= Introduction =
		+
		+	The ASL WAF has two non-exclusive modes operation:
		+
		+	1) Embedded mode
		+
		+	2) Proxy mode
		+
		+	== Embedded mode ==
		+
		+	Embedded mode works with Apache 2.x.  ASL will install a special module in Apache to give it native WAF protection capabilities.  This installation will occur when ASL is installed.
		+
		+	== Proxy mode ==
		+
		+	Proxy mode allows ASL to protect any HTTP and/or HTTPS service, either a local server (such as when using a web server that does not support embedded mode) or a remove server.
	= Configuration =		= Configuration =

---

Revision as of 15:00, 16 June 2012

Contents 1 Introduction 1.1 Embedded mode 1.2 Proxy mode 2 Configuration 2.1 WAF Tab 2.1.1 embedded 2.1.2 local 2.1.3 remote 2.2 ASL Configuration Settings 2.3 Rule Manager 3 Usage 4 Events

Introduction

The ASL WAF has two non-exclusive modes operation:

1) Embedded mode

2) Proxy mode

Embedded mode

Embedded mode works with Apache 2.x. ASL will install a special module in Apache to give it native WAF protection capabilities. This installation will occur when ASL is installed.

Proxy mode

Proxy mode allows ASL to protect any HTTP and/or HTTPS service, either a local server (such as when using a web server that does not support embedded mode) or a remove server.

Configuration

The ASL WAF is initially configured during the install of ASL.

Once ASL is installed, you can configure the WAF through three parts of the ASL GUI:

WAF Tab

This tab is used to setup the WAF. There are three types of WAF you can configure:

embedded

The embedded WAF is an apache module that is installed on any local Apache installations. This should be setup by default, if you are running apache on the system.

local

This type of WAF is used to protect any local HTTP and/or HTTPS services that may be running on the system itself, where the embedded WAF module can not be used. For example, if the system was running a tomcat or litespeed, which do not support the WAF embedded WAF module. You can configure a WAF to protect these services.

To setup a local WAF simply

remote

This type of WAF is used to protect any remote HTTP and/or HTTPS services that are not running on the system itself. For example, if you have a remote webserver you wish to protect, you can configure a WAF to protect these services.

To setup a remote WAF simply

ASL Configuration Settings

Rule Manager

The Rule manager can be used to configure individual WAF rules, such as what response the system such take for that rule, if an email or GUI alert should be presented, and so on. The following are the options you can use for each rule:

Usage

Events