Alert Logic Managed Web Application Firewall (WAF) for Amazon Web Services Direct
- Review the Requirements for Alert Logic Managed Web Application Firewall (WAF) for Amazon Web Services
-
Alert Logic no longer supports ECS Classic. You must upgrade from that EC2 platform to the most current EC2 platform offered by AWS.
Launch the Managed WAF AMI
Before the Managed WAF stack can be created with the Managed WAF for Amazon Web Services (AWS) CloudFormation template, you must launch the Amazon Machine Image (AMI) to accept the license.
To launch the Managed WAF AMI and accept the license:
- Log into the Amazon Web Services console, and then navigate to the EC2 console.
- In the left navigation, select Images, and then click AMIs.
- Select the Private images filter.
- In the search field, enter the AMI ID you received in the email from Alert Logic, and then click the search button.
- Select the AMI, and then click Launch.
- Click Review and Launch.
- In Key Pair, click Proceed without a Key Pair, select the acknowledgment, and then click Launch Instances.
Terminate the AMI
When the AMI launches, you must terminate the AMI in order to avoid charges from Amazon Web Services.
To terminate the AMI:
- To terminate the AMI, follow the instructions from Amazon Web Services.
Download the Web Security Manager for AWS CloudFormation template
To download the AWS CloudFormation template:
Right-click Web Security Manager for AWS CloudFormation template, and then save the template file.
Launch the Web Security Manager for AWS CloudFormation template
Your environment must conform to system and network requirements to successfully deploy and use Managed WAF. Before you launch the CloudFormation template, ensure your environment conforms to system and network requirements. For more information, see Requirements for Alert Logic Managed Web Application Firewall (WAF) for Amazon Web Services .
- Log into the Amazon Web Services console.
- Click Services, and then click Deployment & Management.
- Click CloudFormation.
- Click Create Stack. The Create Stack wizard appears.
- Enter a descriptive name in Stack Name for easier management.
- Click Upload a Template File, and then click Choose File to locate and select the AWS CloudFormation template file you downloaded.
- Click Show Advanced Options. In Creation Timeout (minutes), select 15.
- In Rollback on Failure, click Yes.
- Click Continue.
- Complete the CloudFormation template fields.
For more information about the Managed WAF CloudFormation template fields, see Requirements for Alert Logic Managed Web Application Firewall (WAF) for Amazon Web Services . - Click Continue.
- Create and add a tag to your stack, and then click Continue.
- A summary of your stack appears. Review the information, click Continue, and then click Close.
Allow approximately 10 minutes for the stack to complete. In CloudFormation Stacks, the status of the stack is CREATE_COMPLETE
- Upload the SSL certificates to the load balancer. For more information, see Amazon's documentation on Create a Load Balancer with SSL Cipher Settings and Back-End Server Authentication.
Contact Alert Logic to claim your appliance
To contact Alert Logic to claim your appliance:
- In the US, call (877) 484-8383 and select the appropriate option.
- In the EU, call +44 (0) 203 011 5533 and do the same.
After you configure Managed WAF to protect your web site, any network change that affects Managed WAF, the web sites you want to protect, or both will prohibit Managed WAF from communicating with Alert Logic. Contact Alert Logic if you plan to make any of the following changes:
- Change or addition of static network routes that send traffic to WSM
- Changes to the backend server IP and port numbers
- Addition of new websites/backends that need WSM protection
- Changes to network configuration on the WSM itself (like changing the IP or gateway info)
- In the Load Balancer, any change to the backend web server configuration (the load balancing pool) for the protected websites including
Changes to IP addresses or ports
Addition or removal of web servers
Changes to timeout values or health checking configuration