This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Ash-Hal
Explorer
‎2025-08-17 12:20 PM
Jump to solution

Scoping Questionnaire - CloudGuard WAF

Hi all,

Does anybody have a scoping questionnaire for ClodGuard WAF Agent (VMware) to understand the customer requirement? 

2 Solutions

Accepted Solutions
PhoneBoy
Admin
Admin
‎2025-08-18 08:51 AM
Jump to solution

For CloudGuard WAF deployments, we have a section in the documentation that covers the information we would need to deploy.
Not sure if that's exactly what you're looking for, but perhaps it will help: https://waf-doc.inext.checkpoint.com/getting-started/prepare-key-information

 

View solution in original post

the_rock
MVP Diamond
MVP Diamond
‎2025-08-18 10:01 AM
Jump to solution

Apart from what @PhoneBoy had sent, here is something additional that can also help.

Andy

CloudGuard WAF Agent (VMware) – Scoping Questionnaire

1. Customer Environment

  • What is the current VMware version and edition (vSphere, ESXi, vCenter)?

  • How many ESXi hosts and clusters are in scope for WAF deployment?

  • Are there any existing Check Point products in use (e.g., CloudGuard Network, Harmony Endpoint)?

  • What is the expected traffic volume (peak and average throughput)?

  • Are applications hosted in a single datacenter or multiple datacenters?

2. Applications in Scope

  • Which web applications need to be protected?

  • What are the application platforms (IIS, Apache, Nginx, Tomcat, etc.)?

  • Are applications containerized, VM-based, or hybrid?

  • Do applications use APIs (REST, SOAP, GraphQL, JSON)?

  • Are applications internal, external (internet-facing), or both?

  • Are there compliance requirements (PCI DSS, HIPAA, GDPR, etc.)?

3. Networking & Traffic Flow

  • How is traffic currently routed to the applications (Load Balancer, Reverse Proxy, Direct)?

  • Where will the WAF Agent be deployed in the network path (inline, TAP, sidecar)?

  • Are SSL/TLS certificates managed centrally or per application?

  • Will SSL offloading or SSL inspection be required?

  • Expected number of protected domains and subdomains?

4. Security Requirements

  • What attack vectors are of most concern (OWASP Top 10, Bot protection, API abuse, DDoS, zero-day exploits)?

  • Is virtual patching required for known vulnerabilities?

  • Is bot management (good vs. bad bot distinction) required?

  • Should the WAF integrate with an existing SIEM/SOC?

  • Any requirements for custom rules (Geo-blocking, IP reputation, rate limiting)?

5. Integration & Operations

  • How will policies be managed (centrally via Infinity Portal / SmartConsole)?

  • Are there existing automation/orchestration tools (Terraform, Ansible, etc.)?

  • How should logs be exported (Syslog, Log exporter, SIEM)?

  • Is there a requirement for high availability or multi-site redundancy?

  • Do you need reporting dashboards for compliance and management?

6. Performance & Sizing

  • Peak RPS (requests per second) and total connections per app?

  • SSL/TLS offload requirements (certificate count, cipher suites)?

  • Latency tolerance (ms overhead acceptable)?

  • Do you require load testing before production rollout?

7. Support & Ownership

  • Who will manage WAF policies (Security team, DevOps, App owners)?

  • Is 24/7 support required, or business hours only?

  • What is the expected SLA for incident response?

Best,
Andy

View solution in original post

2 Replies
PhoneBoy
Admin
Admin
‎2025-08-18 08:51 AM
Jump to solution

For CloudGuard WAF deployments, we have a section in the documentation that covers the information we would need to deploy.
Not sure if that's exactly what you're looking for, but perhaps it will help: https://waf-doc.inext.checkpoint.com/getting-started/prepare-key-information

 

the_rock
MVP Diamond
MVP Diamond
‎2025-08-18 10:01 AM
Jump to solution

Apart from what @PhoneBoy had sent, here is something additional that can also help.

Andy

CloudGuard WAF Agent (VMware) – Scoping Questionnaire

1. Customer Environment

  • What is the current VMware version and edition (vSphere, ESXi, vCenter)?

  • How many ESXi hosts and clusters are in scope for WAF deployment?

  • Are there any existing Check Point products in use (e.g., CloudGuard Network, Harmony Endpoint)?

  • What is the expected traffic volume (peak and average throughput)?

  • Are applications hosted in a single datacenter or multiple datacenters?

2. Applications in Scope

  • Which web applications need to be protected?

  • What are the application platforms (IIS, Apache, Nginx, Tomcat, etc.)?

  • Are applications containerized, VM-based, or hybrid?

  • Do applications use APIs (REST, SOAP, GraphQL, JSON)?

  • Are applications internal, external (internet-facing), or both?

  • Are there compliance requirements (PCI DSS, HIPAA, GDPR, etc.)?

3. Networking & Traffic Flow

  • How is traffic currently routed to the applications (Load Balancer, Reverse Proxy, Direct)?

  • Where will the WAF Agent be deployed in the network path (inline, TAP, sidecar)?

  • Are SSL/TLS certificates managed centrally or per application?

  • Will SSL offloading or SSL inspection be required?

  • Expected number of protected domains and subdomains?

4. Security Requirements

  • What attack vectors are of most concern (OWASP Top 10, Bot protection, API abuse, DDoS, zero-day exploits)?

  • Is virtual patching required for known vulnerabilities?

  • Is bot management (good vs. bad bot distinction) required?

  • Should the WAF integrate with an existing SIEM/SOC?

  • Any requirements for custom rules (Geo-blocking, IP reputation, rate limiting)?

5. Integration & Operations

  • How will policies be managed (centrally via Infinity Portal / SmartConsole)?

  • Are there existing automation/orchestration tools (Terraform, Ansible, etc.)?

  • How should logs be exported (Syslog, Log exporter, SIEM)?

  • Is there a requirement for high availability or multi-site redundancy?

  • Do you need reporting dashboards for compliance and management?

6. Performance & Sizing

  • Peak RPS (requests per second) and total connections per app?

  • SSL/TLS offload requirements (certificate count, cipher suites)?

  • Latency tolerance (ms overhead acceptable)?

  • Do you require load testing before production rollout?

7. Support & Ownership

  • Who will manage WAF policies (Security team, DevOps, App owners)?

  • Is 24/7 support required, or business hours only?

  • What is the expected SLA for incident response?

Best,
Andy

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events