Page tree
Skip to end of metadata
Go to start of metadata

During configuration, DenyAll WAF must be assigned an operating mode. It can be:

  • Management (or Manager) : Hosts the centralized administration interface and manages configurations and logs centrally.
  • Managed : Controlled by the DenyAll WAF Manager.

Management Mode

Configurations (networks, reverse proxies, application firewalls and WAM) are applied on the appliances by a configuration server located on the manager. It is administered by the centralized administration interface, given natively access to the management and visualization of configurations and logs generated by the Managed appliances.   The administration is totally centralized once the  Box  is connected to a master appliance. 

This three-tier infrastructure makes it easy to increase the number of machines that process the application flows. 

If multiple appliances are required, the configuration server will publish the settings on the production Managed  Box . 

To set an Box in Manager mode, sign in to the DenyAll TUI.

The configuration wizard will ask for a series of items of information to perform the basic configuration of the  Box .

  1. Select the Manager mode ("Set as Management")
  2. Enter the login and password of the first user

    N.B.: This first user will be created to enable login via the Administration Interface. Note that the DenyAll TUI login/password will not be changed.

    Take care not to lose the login/password pair. Afterwards, we recommend to create several accounts via the Administration Interface.

  3. Select the network interface used for administering the DenyAll WAF
  4. Enter the administration IP of the Management Box and the subnet mask (255.255.255.0 by default)
  5. Enter the administration port for the administration interface (3001 by default). The IP / port will be used later to connect with the administration interface
  6. If necessary, enter a default gateway
  7. Decide whether or not to enable the SSH server on the Box
  8. If informations are correct, confirm the configuration

The wizard will now begin the configuration process. 

Once this is done, a confirmation message informs you that the configuration has been successfully completed and the product is ready to use. Disconnect the DenyAll TUI and use the administration interface to configure the DenyAll WAF. 

It is highly recommended to change the default DenyAll TUI password.

Managed Mode

 To set an Box in Managed mode, sign in to the DenyAll TUI.

The configuration wizard will ask for a series of items of information to perform the basic configuration of the  Box .

  1. Select the Managed mode ("Set as Managed")
  2. Select the network interface used for administering the DenyAll WAF
  3. Enter the administration IP of the Managed Box and the subnet mask (255.255.255.0 by default)
  4. Enter the administration port for the administration interface (3001 by default). The IP / port will be used later to link the Managed to the Manager
  5. If necessary, enter a default gateway
  6. Decide whether or not to enable the SSH server on the Box
  7. If informations are correct, confirm the configuration

The wizard will now begin the configuration process. 

Once this is done, a confirmation message informs you that the configuration has been successfully completed and the product is ready to use. Disconnect the DenyAll TUI.

It is highly recommended to change the default DenyAll TUI password.

Now we need  to link the Managed Box to the Manager. To do this, log on to the Manager via the administration interface.