Before placing Web Application Firewall into production, there are a few essential configuration items you must manage. These steps are outlined below:
Before you begin
Before you can begin to set up your WAF, you must install the appliance per your preferred deployment method. Refer to Web Application Firewall Overview for details about the available deployment options and installation instructions.
Accessing the setup page
Once your WAF is up and running and on the network with a reserved IP address, you can open a web browser and enter the IP address of your WAF appliance. Details for obtaining the IP address of your appliance are provided in the corresponding installation documentation.
Adding the appliance to your account
From the setup page, click the ETM Dashboard link to add the appliance to your ETM Dashboard account. If you do not have an account, you can create one here. Complete the information about your appliance and click Add Appliance.
Assigning an Upstream Server
After you finish adding the appliance to your account, the appliance configuration loads with the Upstream Servers screen.
An Upstream server refers to the IP address or hostname of the web server you wish to protect. To add an upstream server:
- Click Add Server.
- Enter the address of your Upstream server.
- Click the checkmark to confirm.
If you have a cluster of web servers providing access to the same content, you can configure multiple Upstream servers with load balancing. For more details on Upstream Server configuration see Configuring Upstream Servers in Web Application Firewall.
- Install your SSL certificate. If your web application uses SSL, you must import the SSL certificate used by your web application to your WAF. For instructions on importing your SSL certificate see Configuring Upstream Servers in Web Application Firewall.
- Configure port listeners. By default, WAF listens for requests on the standard web ports of TCP 80 and 443. If your web application uses alternate ports you need to configure these in WAF. For instructions on configuring port listeners see Configuring Upstream Servers in Web Application Firewall.
- Test connectivity to your web server. In a browser, enter the IP address of your WAF appliance. If your upstream server is set up correctly you will see the content served by your web application rather than the setup page.
- Update your DNS. Once you have completed the setup steps to configure your WAF, your final step to putting the appliance into production is to update your DNS record so that the domain name for your web application directs to the IP address of your WAF appliance.