Results 1 to 8 of 8
  1. #1
    Untangler
    Join Date
    Jun 2018
    Posts
    49

    Default Untangle WAF beta is ready! Let us know what you think

    Following up from my recent announcement about Untangle Web Application Firewall, I am excited to share that the beta release is now available.

    For those of you interested in previewing the product and providing Untangle with feedback, you can find the beta in Command Center under the downloads area.
    Deployment options include a software appliance and a Docker container.

    We've provided documentation to get started here https://support.untangle.com/hc/en-u...-Documentation

    We have also set up a feedback site where you can share your ideas to improve the product. If you have any questions feel free to reply to this post.
    Last edited by bcarmichael; 10-15-2021 at 10:55 AM.
    csherman and feabw like this.

  2. #2
    Untangler
    Join Date
    Jul 2018
    Posts
    38

    Default

    We've also got a live demo environment available here: http://waf-demo.untangle.com:8585

    Note that if your browser automatically redirects HTTP to HTTPS, you might have issues reaching the site. We recommend Chrome or Firefox!

  3. #3
    tjk
    tjk is offline
    Untangler
    Join Date
    Apr 2021
    Posts
    46

    Default

    Note: Untangle WAF is designed to protect & load balance a single web application. If your network hosts multiple different websites or web services, each will need its own instance of Untangle WAF.

    Is this limitation going to go away at some point?

    Also, will you guys support HA WAF's in the future?

  4. #4
    Untangler
    Join Date
    Jun 2018
    Posts
    49

    Default

    Quote Originally Posted by tjk View Post
    Is this limitation going to go away at some point?

    Also, will you guys support HA WAF's in the future?
    Good questions. We are looking into the possibility of routing multiple sites through WAF. Regarding HA, we don't have a specific feature for this, but we are evaluating options and will document ways to maximize uptime by leveraging public cloud infrastructure.

  5. #5
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,241

    Default

    Quote Originally Posted by bcarmichael View Post
    Good questions. We are looking into the possibility of routing multiple sites through WAF. Regarding HA, we don't have a specific feature for this, but we are evaluating options and will document ways to maximize uptime by leveraging public cloud infrastructure.
    As it should be, if web apps want uptime their devs need to get them properly containerized. Why manually configure clusters when you can just let the fabric do it for you? Set it up once, and it scales up or down near infinitely automatically.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  6. #6
    tjk
    tjk is offline
    Untangler
    Join Date
    Apr 2021
    Posts
    46

    Default

    How does this work when the waf crashes or has to be rebooted for updates, when all traffic passes through the waf?

  7. #7
    Untangler
    Join Date
    Jul 2018
    Posts
    38

    Default

    Quote Originally Posted by tjk View Post
    How does this work when the waf crashes or has to be rebooted for updates, when all traffic passes through the waf?
    WAF shouldn't need to be rebooted to apply updates: they should generally apply in-place without a restart. NGFW only requires a reboot when there's a kernel upgrade; WAF will follow the same principle.

    Since your DNS entry points to the WAF itself, rather than directly to the web server, the traffic wouldn't have anywhere to be routed to if the WAF were unavailable. (The same would be true if it's installed via ISO to a standalone hardware platform.) In short, the site would appear to be down. I suppose it might be possible to have some kind of failover/backup address in your DNS resolver that could point traffic directly to the server IP in case the WAF were unresponsive?

  8. #8
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,241

    Default

    Which would be a rather silly thing to do. There's no purpose in a WAF if you're just going to expose the app directly.

    But that's also why products in this space not only support proxing multiple apps, but also themselves support clustering.
    jcoffin likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2