Web Application Firewall

Virtualize a back-end Web application
=============================
The Web application firewall service in DataPower can execute a security policy on messages that arrive in the DMZ before sending them to a back-end Web application.

WAF can also handle rate limit request and enforce an AAA policy but in our example, we are just virtualizing the host and secure the connection to the back-end Web application.

These tasks may also be performed on J2EE application servers such as WebSphere Application Server, but configuration using the DataPower management interface is much easier and does not require custom code.

For example let’s try to virtualize Citibank website and provide access with http connection by integrating with DataPower WAF.
https://www.online.citibank.co.in/

Refer the below steps to achieve the scenario.

Step1: In the DataPower Control Panel, click Web Application Firewall:

Step2: Click Add wizard. The wizard then asks you a series of questions to generate a WAF service.

Step3: Name of WAF: CitiBankProxyApp

Step4: Backend web application details

            https backend default port is: 443

            http backend default port is: 80

Step5: Configure forward crypto profile for the https secure connection to Citibank application.

Step6: Configure the FSH details.

Step7: Configure rest all to default, just click next in all screens till we see the finial screen to commit the application.

And click on commit in the last screen

Step 8: Now access the Citibank Application using the FSH IP and port

 http://192.168.136.128:1234/