Sophos XGS is a web application firewall that’s designed to protect your organization from the threats of today and tomorrow. It provides powerful protection against hackers, malware, and other cyber-threats.
The sophos utm waf troubleshooting is a tutorial that shows how to configure the Sophos XGS firewall.
Vincent Sophos 0 Vincent Sophos 0 Vincent Sophos 0 Vincent Sophos 0 Vincent Sopho
Overview
The article explains how to set up the Sophos XGS firewall’s Web Application Protection functionality. Instead of using a Web server like NAT, the Sophos firewall will simulate direct contact with clients outside the Internet with WAF. This will help to safeguard the Web server from external threats while also ensuring that web traffic remains consistent.
Diagram
Steps to Configuration
- Set up the Ubuntu web server with a local IP address of 172.18.18.50/24.
- Configure the Sophos XGS’s WAF capability to connect to a public Ubuntu web server.
- External access to the web server
- Result
How to set it up
Set up the Ubuntu web server with a local IP address of 172.18.18.50/24. www.test.com is the domain name.
Configure the Sophos XGS’s WAF capability to connect to a public Ubuntu web server.
- Create an Ubuntu web server and host it on a Sophos XGS.
- Go to SYSTEM -> Choose Hosts and services -> Choose IP host -> Click Add
- Fill in your name here.
- Choose IPv4 as the IP version.
- Choose IP as a type.
- In terms of IP address: Enter the Ubuntu web server’s IP address.
- Save the file.
- On the Sophos XGS, create a web server.
- Go to PROTECT -> Choose Web server -> Choose Web servers -> Click Add
- Fill in your name here.
- In Host, select the previously built Ubuntu web server as the host.
- Because the web server does not have an SSL certificate, choose Plaintext (HTTP) (choose Encrypted (HTTPS) if the web server does have an SSL certificate).
- Keep the default port in Port.
- Keep alive is enabled.
- Save the file.
- Go to PROTECT -> Choose Rules and policies -> Choose Firewall rules -> Click Add firewall rule -> Choose New firewall rule
- Fill in your name here.
- Choose top in the rule position.
- Choose None in the Rule group.
- In Action: Select Protect with Web Server Protection from the drop-down menu.
- In the address of the host: Select the WAN port through which the remote client will connect.
- If the web server does not have an SSL certificate, select 80 as the listening port; if the web server does have an SSL certificate, select HTTPS with port 443 as the listening port.
- If you choose HTTPS, select an SSL certificate that was created previously (see import instructions below) **
- Enter your web domain in the Domains section.
- In Web server, select the web server that was previously created.
- Advanced: Select the web server security features that you want to protect.
- If you want to keep the request from the client to the web server, select Pass host header.
- If the web server’s public domain name differs from the web server’s local domain name, select Rewrite HTML.
- If you don’t want traffic to be compressed when accessing the web server, select Disable compression support.
- Save the file.
** If a web server’s SSL certificate is available, follow the instructions to add it.
- Install an SSL certificate on your computer if one is already installed on your Ubuntu web server.
- Go to SYSTEM -> Choose Certificates -> Choose Certificates -> Click Add
- Upload two files: a certificate and a key.
- Save the file.
Allow external access to the web server
Because the domain test.com is not registered in my lab, you’ll need to change the hosts file on the external system that wishes to connect to the web server.
- On Windows 10, navigate to C:WindowsSystem32driversetc to edit the hosts file.
- Copy file hosts to the desktop and open the hosts file with notepad-> Then add the following line -> Click Save
- Then, on the desktop, copy the updated hosts file and paste it over the original hosts file in the C:WindowsSystem32driversetc folder.
- Then go to the domain test.com and log in.
Result
- Sophos XGS traffic monitoring
YOU MIGHT ALSO BE INTERESTED IN
The sophos waf datasheet is a document that provides information about the Sophos XGS. It includes the configuration and settings for the firewall as well as other features such as intrusion detection, file integrity monitoring, and more.
Frequently Asked Questions
How do I enable WAF in Sophos XG?
To enable WAF, you will need to go into the Sophos XG interface and select WAF under the Security tab.
Is Sophos WAF?
How do I configure my Sophos XG Firewall?
To configure your firewall, you need to know the IP address of your computer and the name of your network. If you dont know what the IP address is, please contact your internet service provider.
Related Tags
- sophos xg web application firewall
- sophos xg v18 waf configuration
- sophos waf
- sophos xg v18 web server protection
- sophos xg waf rewrite html
About The Author
