On-Premise
WAF ONBOARDING
THREAT ANALYSIS
HTTP SUPPORT
PROTECTION USE CASES
DETECTION TECHNIQUES
System Requirements
Minimum 2 node cluster: one WAF node and one Management node
Management Node Hardware
2 vcpu
8gb memory
WAF Node Hardware
4 vcpu
16gb memory
NOTE: The ports 6443 of the management and the port 80 and 443 of the WAF node should be open and available. Machines should be present on same local network.Internet and ssh access (or remote session) are needed.
Onboarding for On-Premises Customers
(a) ON-Premise WAF installation
Step 1 : Prophaze waf will be installed in the allocated VMS.
Step 2: Go to “Settings” page. Now, we need to connect the WAF. For that, click on the “On Premise WAF” tab on the left side of the page
To set up on premise we need cluster endpoint and service account token.
Port 6443 which is the Management port used for the dashboard to communicate with the Management node for the ip: Prophaze ip should be allowed.
Step 3: A token is created for the dashboard to communicate with the cluster, copy and paste the SA token in the dashboard using the execution of the following command:
kubectl get secret $(kubectl get sa prophaze-service-account -n kube-system -o jsonpath={.secrets[0].name}) -n kube-system -o jsonpath={.data.token} | base64 --decode
(Note down the output of this command to configure the cluster in Prophaze dashboard.)
Step 4: The ON-Premise WAF is set up, all good to go. While onboarding a domain, select the newly added WAF instance for installation.
Note: On Premise WAF is available only for enterprise customers. Please contact Prophaze customer support to upgrade the plan.
Also, you can find the logs and its corresponding graphical representation in the dashboard home page.