Scoping Questionnaire - CloudGuard WAF

Ash-Hal — Sun, 17 Aug 2025 19:20:06 GMT

Hi all,

Does anybody have a scoping questionnaire for ClodGuard WAF Agent (VMware) to understand the customer requirement?

Re: Scoping Questionnaire - CloudGuard WAF

PhoneBoy — Mon, 18 Aug 2025 15:51:24 GMT

For CloudGuard WAF deployments, we have a section in the documentation that covers the information we would need to deploy.
Not sure if that's exactly what you're looking for, but perhaps it will help: https://waf-doc.inext.checkpoint.com/getting-started/prepare-key-information

the_rock — Mon, 18 Aug 2025 17:01:41 GMT

Apart from what @PhoneBoy had sent, here is something additional that can also help.

Andy

What is the current VMware version and edition (vSphere, ESXi, vCenter)?
How many ESXi hosts and clusters are in scope for WAF deployment?
Are there any existing Check Point products in use (e.g., CloudGuard Network, Harmony Endpoint)?
What is the expected traffic volume (peak and average throughput)?
Are applications hosted in a single datacenter or multiple datacenters?

How is traffic currently routed to the applications (Load Balancer, Reverse Proxy, Direct)?
Where will the WAF Agent be deployed in the network path (inline, TAP, sidecar)?
Are SSL/TLS certificates managed centrally or per application?
Will SSL offloading or SSL inspection be required?
Expected number of protected domains and subdomains?

What attack vectors are of most concern (OWASP Top 10, Bot protection, API abuse, DDoS, zero-day exploits)?
Is virtual patching required for known vulnerabilities?
Is bot management (good vs. bad bot distinction) required?
Should the WAF integrate with an existing SIEM/SOC?
Any requirements for custom rules (Geo-blocking, IP reputation, rate limiting)?