Basic configurations of Network Security Series 9 WAF

Web Application Security Gateway (WAF) is designed to address WEB Website security issues, and can identify and protect multiple Web Application Layer attacks in real time, for example, SQL injection, XSS, and illegal directory traversal. WAF devices are generally deployed at the front-end of web servers and are deployed with external firewalls. All traffic destined for the internal network must go through the firewall, and all traffic destined for the Web must go through the WAF, WAF filters web access traffic layers and performs In-depth checks to ensure that the traffic destined for the Web server is safe, reliable, and normal, thus protecting the security of the Web server.

The following topology shows the location of WAF in the network,

650) This. width = 650; "Title =" 1.jpg" alt = "wkiol1rgaytjgjhoaae9fo6klhe174.jpg" src = "http://s3.51cto.com/wyfs02/M02/4C/D6/wKioL1RGAYTjGjHoAAE9fo6KlHE174.jpg"/>

In the game, specify the DCFW-1800-WAF that uses digital China, its appearance,

650) This. width = 650; "Title =" 2.jpg" alt = "wKiom1RGAXORq-0_AAFAqSehNCc508.jpg" src = "http://s3.51cto.com/wyfs02/M02/4C/D5/wKiom1RGAXORq-0_AAFAqSehNCc508.jpg"/>

• Console interface: used for device fault debugging and factory recovery settings;

• USB interface: used for external USB alarm device;

• Eth0 interface: used to connect to the Internet. The corresponding web interface configuration interface is the WAN port;

• Eth1 interface: used to connect to the Intranet web server. The interface configured on the corresponding web interface is a LAN port;

• Eth2 interface: used for initial login and configuration of WAF device, also known as out-of-band port;

• Eth3 interface: the Management port of the WAF device. It is the heartbeat port when HA is configured;

Note: The eth2 interface has a fixed IP Address: 192.168.45.1, which has been fixed to the device and cannot be changed. The interface configuration is not available on the Web interface, this API is only used when you configure WAF for the first time or forget to log on to the IP address of another port.

When you set it for the first time, you can log on through the eth2 port and open the browser and enter https: // 192.168.45.1/, Username: Admin, and password: admin123.

WAF has two deployment modes: "Transparent" and "reverse proxy". In this mode, you do not need to change the network environment and directly connect the devices to the front-end of the Web server for convenient access, in this mode, data is directly forwarded to the server when an Internet user accesses the server. The transparent mode is generally used here.

Log on to WAF. In the left-side function tree, click "configuration"> "network configuration", select "transparent mode", and click "save" to configure IP addresses for the WAN port: 192.168.1.2/24, when the transparent mode is selected, the WAN port and the LAN port form a bridge. At this time, the LAN port cannot be configured with an IP address. The Wan port IP address is the Bridge IP address.

650) This. width = 650; "Title =" 3.jpg" alt = "wkiom1rgae3zbxngamlcbwnzds645.jpg" src = "http://s3.51cto.com/wyfs02/M01/4C/D5/wKiom1RGAe3zBXnsAAMLCbWnzds645.jpg"/>

Connect the Web server (IP address 192.168.1.3) to eth1 and the attack host to eth0.

Log on to the WAF device, go to "Site-> site management", and click "CREATE" to create a service. This adds the website information to be protected.

650) This. width = 650; "Title =" 4.jpg" alt = "wkiom1rgaiogvivdaafi9c7vp7q100.jpg" src = "http://s3.51cto.com/wyfs02/M01/4C/D5/wKiom1RGAiOgvivDAAFi9C7vP7Q100.jpg"/>

Enter http: // 192.168.1.3/in the browser on the attacker to access the Web server.

 

This article is from the "one pot of turbidity wine" blog. For more information, please contact the author!

Basic configurations of Network Security Series 9 WAF