So I have been running this WAF for a few mins and I already just don't see the point.
I could just add a Untangle in Bridge mode behind any nginx/apache reverse proxy and get better function than this gives me.
This product allow you to create one VIP* per deployment.
ex you have three sites
siteone.com
sitetwo.com
sitethree.com
You want to protect them all with an WAF solution.
I see no way in my current setup how I would be able to set up 1 or 2 Untangle WAF's to solve this.
I would always have 1 site 1 WAF or if i also want HA on the WAF segment I would have 2 WAF's for every site.
In my current setup we do all our VIP/LB/WAF with a HA cluster of 2 Nodes and a few hundred sites.
I might just not know how this WAF is supposed to be used but I do not see any way how to create my own rules or SNI routing.
ex one single Untangle WAF:
siteone.com (upstrem servers 1.1.1.1, 1.1.1.2 ,1.1.1.3 Cert: 1)
sitetwo.com (upstrem servers 1.1.1.4, 1.1.1.5 ,1.1.1.6 Cert: 2)
sitethree.com (upstrem servers 1.1.1.7, 1.1.1.8 ,1.1.1.9 Cert: 3)
Is this out of scope for the product?
(I mean the nginx running in the background do have this feature)
The GUI do look good just functionality i am missing. (And ffs add support for Lets-encrypt)