Did you sign up for Qualys WAF? This is our web application firewall solution in the cloud. As part of the set up, you'll deploy a WAF virtual appliance to a firewall cluster within in your environment. It just takes a couple minutes. We'll help you with this now.
A few things to consider...
1) The steps below show you how to configure a WAF appliance using Amazon EC2. Alternatively you can use VMware.
2) A WAF firewall cluster can be assigned as many WAF appliances as your subscription allows.
I'm ready to get started. What are the steps?
1) Go to your Amazon EC2 Dashboard and launch an instance
2) Choose the WAF AMI
Click My AMIs (1) and then select QualysGuard WAF AMI (2). Tip - Use the search box to find this quickly. Just enter "WAF" and click Enter. (Don't see the WAF AMI? Please contact your Qualys Technical Account Manager or our Support Team and we'll help you with this.)
3) Choose Instance Type
Select an instance type - there's a wide variety to choose from.
Then click Next: Configure Instance Details.
4) Configure Instance
Open Advanced Details. In the User Data field, enter your WAF registration token and other properties.
WAF_CLUSTER_ID (Required) Enter the WAF registration token in this format: WAF_CLUSTER_ID=your_token. You can find this token by going to the firewall clusters list (Assets > WAF Clusters).
WAF_SERVICE_URL This is the URL of the Qualys Cloud Platform hosting your Qualys account. Enter the URL in this format: WAF_SERVICE_URL=https://rns.qualys.com
PROXY_URL If the WAF needs to connect to the Qualys Cloud Platform through an HTTP proxy, please input the URL of the proxy. Enter the proxy URL in this format: PROXY_URL=proxy_url
WAF_SSL_PASSPHRASE If your web application’s primary or secondary base URL uses the HTTPS protocol and your private key requires a passphrase, please input your passphrase. Enter the passphrase in this format: WAF_SSL_PASSPHRASE=passphrase
5) Additional steps (optional)
You might want to add storage, tag the instance, configure security groups.
6) Click Review and Launch
Be sure to wait until the WAF AMI status is green (this means it's running). Then you're ready to add the AMI instance to the EC2 load balancer (see below).
Add your WAF AMI to the Load Balancer
1) Create an HTTP Load Balancer Instance
2) Set up your Health Checks
Choose the TCP Ping Protocol option. Later, when your web application is online, you can choose a URL for a comprehensive health check.
3) Add Your WAF Instance in the Cluster
Click the Select check box next to your WAF instance to add it to the load balancer. Your load balancer is now created and will soon be able to handle requests.
4) Redirect Your Traffic to the Load Balancer Hostname
Test the availability of your web application through the load balancer. Once confirmed, you'll need to alias your DNS entries to the Amazon EC2 load balancer you just created.
You've configured your WAF appliance. Once you're done we'll start a distributed network of sensors for your firewall cluster. Also your firewall cluster will start making outbound connections to the Qualys Cloud Platform.
Getting started with WAF is easy. Need some help? Just follow the steps in our online guide - select WAF from the application picker, go to the username menu (top right) and select Quick Start Guide.