Difference between revisions of "ASL WAF"
m (→Introduction) |
(→Configuration) |
||
| Line 17: | Line 17: | ||
= Configuration = | = Configuration = | ||
| − | The ASL WAF is initially configured during the install of ASL. | + | The ASL WAF is initially configured during the install of ASL. If Apache is installed on the system, ASL will attempt to install the embedded WAF module. If Apache is installed on the system via package management, then this will occur automatically and you will not need to configure the WAF further to protect an installed Apache instance. |
| − | Once ASL is installed, you can configure the WAF through three parts of the ASL GUI: | + | Once ASL is installed, if you need to do so, you can configure the WAF through three parts of the ASL GUI: |
== WAF Tab == | == WAF Tab == | ||
| Line 33: | Line 33: | ||
This type of WAF is used to protect any local HTTP and/or HTTPS services that may be running on the system itself, where the embedded WAF module can not be used. For example, if the system was running a tomcat or litespeed, which do not support the WAF embedded WAF module. You can configure a WAF to protect these services. | This type of WAF is used to protect any local HTTP and/or HTTPS services that may be running on the system itself, where the embedded WAF module can not be used. For example, if the system was running a tomcat or litespeed, which do not support the WAF embedded WAF module. You can configure a WAF to protect these services. | ||
| − | To setup a local WAF simply | + | To setup a local WAF simply follow these steps: |
| + | |||
| + | Step 1) Log into the ASL GUI | ||
| + | |||
| + | Step 2) Click the WAF tab | ||
| + | |||
| + | Step 3) Select WAF Config | ||
| + | |||
| + | This will pull up the WAF Config window, which will show the existing WAFs. | ||
| + | |||
| + | Step 4) Click "Enable T-WAF". If you see "Disable T-WAF" this option has already been enabled. | ||
| + | |||
| + | Step 5) Click "Add" | ||
| + | |||
| + | This will will pull up the "Add WAF Config" window. | ||
| + | |||
| + | Step 6) Click on the "Add protection for" drop down. Select "local" | ||
| + | |||
| + | This will present you with two options: | ||
| + | |||
| + | Local Port: Type in the local port you wish to protect. | ||
| + | |||
| + | Note: Check if you have any embedded WAFs installed on the system before you do this. If you have an embedded WAF already installed on port 80, as should occur if you have Apache installed (and its package managed), then enabling the T-WAF in front of Apache would create a loop. Its not necessary to put a WAF in front of a service that is protected via embedded mode. | ||
| + | |||
| + | SSL: Select this if the service you wish to protect is SSL based. | ||
| + | |||
| + | If you select SSL, then you will see this additional options: | ||
| + | |||
| + | Path to SSL Certificate: Provide the filesystem path to the SSL certificate for this service. | ||
| + | |||
| + | Path to SSL Key file: Provide the filesystem path to the SSL key file for this service. | ||
| + | |||
| + | Step 7) Then click Save | ||
| + | |||
| + | |||
| + | |||
| + | |||
| Line 48: | Line 84: | ||
The Rule manager can be used to configure individual WAF rules, such as what response the system such take for that rule, if an email or GUI alert should be presented, and so on. The following are the options you can use for each rule: | The Rule manager can be used to configure individual WAF rules, such as what response the system such take for that rule, if an email or GUI alert should be presented, and so on. The following are the options you can use for each rule: | ||
| − | |||
= Usage = | = Usage = | ||
Revision as of 13:53, 20 June 2012
Contents |
Introduction
The ASL WAF has two non-exclusive modes operation:
1) Embedded mode
2) Proxy mode
Embedded mode
Embedded mode works with Apache 2.x. ASL will install a special module in Apache to give it native WAF protection capabilities. This installation will occur when ASL is installed.
Proxy mode
Proxy mode allows ASL to protect any HTTP and/or HTTPS service, either a local server (such as when using a web server that does not support embedded mode) or a remove server.
Configuration
The ASL WAF is initially configured during the install of ASL. If Apache is installed on the system, ASL will attempt to install the embedded WAF module. If Apache is installed on the system via package management, then this will occur automatically and you will not need to configure the WAF further to protect an installed Apache instance.
Once ASL is installed, if you need to do so, you can configure the WAF through three parts of the ASL GUI:
WAF Tab
This tab is used to setup the WAF. There are three types of WAF you can configure:
embedded
The embedded WAF is an apache module that is installed on any local Apache installations. This should be setup by default, if you are running apache on the system.
local
This type of WAF is used to protect any local HTTP and/or HTTPS services that may be running on the system itself, where the embedded WAF module can not be used. For example, if the system was running a tomcat or litespeed, which do not support the WAF embedded WAF module. You can configure a WAF to protect these services.
To setup a local WAF simply follow these steps:
Step 1) Log into the ASL GUI
Step 2) Click the WAF tab
Step 3) Select WAF Config
This will pull up the WAF Config window, which will show the existing WAFs.
Step 4) Click "Enable T-WAF". If you see "Disable T-WAF" this option has already been enabled.
Step 5) Click "Add"
This will will pull up the "Add WAF Config" window.
Step 6) Click on the "Add protection for" drop down. Select "local"
This will present you with two options:
Local Port: Type in the local port you wish to protect.
Note: Check if you have any embedded WAFs installed on the system before you do this. If you have an embedded WAF already installed on port 80, as should occur if you have Apache installed (and its package managed), then enabling the T-WAF in front of Apache would create a loop. Its not necessary to put a WAF in front of a service that is protected via embedded mode.
SSL: Select this if the service you wish to protect is SSL based.
If you select SSL, then you will see this additional options:
Path to SSL Certificate: Provide the filesystem path to the SSL certificate for this service.
Path to SSL Key file: Provide the filesystem path to the SSL key file for this service.
Step 7) Then click Save
remote
This type of WAF is used to protect any remote HTTP and/or HTTPS services that are not running on the system itself. For example, if you have a remote webserver you wish to protect, you can configure a WAF to protect these services.
To setup a remote WAF simply
ASL Configuration Settings
Rule Manager
The Rule manager can be used to configure individual WAF rules, such as what response the system such take for that rule, if an email or GUI alert should be presented, and so on. The following are the options you can use for each rule:
