Web Security Manager web application firewall is installed in the network between the network firewall and the web server. It works in reverse proxy mode which means that it proxies requests on behalf of the web servers it protects. The client connects to Web Security Manager as if it was the real backend web server, Web Security Manager validates the request and forwards it to the backend web server if the request is not hostile.
Follow this easy walk through to install Web Security Manager and configure protection for your website(s).
Example scenario
Web Security Manager is installed in the same network (DMZ) as the web server it is protecting. It is given an IP address in the same subnet as the web server. The platform Web Security Manager is installed on has two network interfaces so the other network interface is configured with an IP address in a different subnet.
This scenario is the easiest to implement, since Web Security Manager can be introduced in the already established network without any major reconfigurations.
-
The web server is currently configured with the IP address 192.168.0.103 in the subnet 255.255.255.0.
-
Web Security Manager will be configured to serve and protect traffic to demosite.mydomain.com on the IP address 192.168.0.20.
-
Network interface 2 is configured with the address 192.168.3.20. We can use this address for the web based management interface.
This example scenario will be used throughout the quick start guide to help you install and configure Web Security Manager to protect your web site.
The gateway in this example is 192.168.0.1.
To install Web Security Manager you will need a platform to install it on - physical or virtual - and some basic network information.
Web Security Manager runs on 64-bit server architecture and can be installed on most x86-64 compatible servers including virtual machines. For recommended hardware please see www.armorlogic.com/profense_recommended_hardware.html.
Web Security Manager includes its own secure operating system. During the Web Security Manager installation, the harddisk you install it on will be completely erased. As Web Security Manager is installed on its own server or virtual server and communicates with the protected web server as an HTTP client, it protects websites and web applications running on any server and platform conforming to the HTTP protocol.
![[Note]](images/note.png) |
Note |
|---|---|
|
Hyper-Threading is not supported. If the hardware platform supports Hyper-Threading, disable it in the BIOS. |
- Burn install CD-ROM
-
If you have downloaded a Web Security Manager ISO-image, start by burning a Web Security Manager CD-ROM from the image. The resulting CD-ROM is bootable.
- Virtual Platform
-
If you are installing on a virtual platform, you may mount the ISO-image directly.
Boot the installation platform from the Web Security Manager CD-ROM or ISO-image.
Follow the on-screen instructions. Depending on the size of your hard drive, the installation usually takes between 5 and
15 minutes. In the example below the system has two network interfaces. When you are prompted for input, the default choice
is displayed in brackets - like [em0].
-
The installer detects available network interfaces and prompts you for IP configuration for each interface
-
In the example above em0 is suggested as the first interface to configure - hit return
-
Enter IP address for the interface (in the example 192.168.0.20 is entered) - hit return
-
Enter netmask for the IP address. In the example 255.255.255.0 is accepted by hitting return
Repeat the process until there are no more interfaces available.
-
-
Enter the default IP network route (the gateway address) and hit return. In the example 192.168.0.1 is entered
When the installation is finished, you are asked to reboot . Remove the CD-ROM from the CD-ROM drive and reboot.
After reboot, the console displays the configured addresses for accessing the web based management interface.