- CheckMates
- :
- Products
- :
- CloudMates Products
- :
- CloudGuard - WAF
- :
- Cloudguard Appsec Integration with existing nginx ...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Cloudguard Appsec Integration with existing nginx reverse proxy
Hi Team,
Does AppSec works with nginx reverse proxy? Lets say I have 5 portals behind nginx reverse proxy as a on-prem server.
Can I -
- Deploy on-prem Nginx integration with AppSec
- Also we are deciding to move to the cloud wondering then can we move to the cloud?
Blason R
CCSA,CCSE,CCCS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
You can deploy our Agent on a Linux Server with NGINX deployed on it.
I have done it in a lab environment and it worked with no issues.
When you move to a cloud environment you can just deploy another agent in the new deployment on the server or as a CloudGuard AppSec Gateway to protect it.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
What if I have multiple portals configured in reverse proxy? Can single agent detect those multiple portals? How are the SKUs per portal or per agent.
Blason R
CCSA,CCSE,CCCS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I think the license is per amount of requests or something like that.
anyway you configure on the Agent the IP addresses that it needs to protect so if the requests are going to IP addresses on that server then he will protect all of the portals.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks man - the Idea is currently we are using mod_sec and protecting apps like
- example.com
- test.testing.com
- one.notsecurenet.in
etc..
Blason R
CCSA,CCSE,CCCS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Blason_R ,
If you need help with deployment, let me know and i will make sure you will get assistance.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks Shay - Since we have done numerous Nginx reverse proxy installations we are pretty confident on it. However I am replicating and testing in my partner portal account and in my test environment. So far is going good and have integrated with nginx.
Once I am confident we then can replicate the same story with our customers as Nginx reverse proxy. However I am confused about commercials and workings.
lets discuss that later for sure - Let me first finish the technical part and if I am stuck will contact you for sure.
TIA
Blason R
CCSA,CCSE,CCCS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Shay_Levin
I am facing this unique issue in further testing. Now my reverse proxy holds two URLs
I created two assets for two different websites. However both my websites are getting blocked by Check Point Infinity agent even though I set the profile accordingly. Now for testing purpose I stopped the agent with cpnano -q and both the sites started accessing properly. However when I start the agent it blocks again.
Any reason why?
I restarted the agent but its still blocking the legitimate requests
Blason R
CCSA,CCSE,CCCS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@Blason_R what do you see in the logs ? what is the reason it was blocked ?
could be that the site is vulnerable ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks @Nir_Shamir I had a offline discussion with Shay, Gal and Eyal and found the issue. Well certain features are still in EA and have activated prevent mode directly without learning mode.
Blason R
CCSA,CCSE,CCCS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks a lot @Shay_Levin for helping me out on resolving the issue. It was due to the setting on asset for blocking non-relevant applications and since my web server was listening on other portal request is being blocked by agent.
We added the setting in nginx web server and bypassed that location.
Thanks a lot Team!!
Blason R
CCSA,CCSE,CCCS