How I do that Administrators simply need to make a DNS change to redirect traffic to go through the Qualys' global network of proxy servers. ?
for was deployment ?
Right, you can :
- assign 190.117.x.x to the appliance (although I suggest using a firewall to NAT the packets to a private ip).
- assign a new (private) ip to your web server.
This way you won't need to change the DNS record. I propose you get in contact with your Qualys TAM and reach out to me offline in order to get into the details of your topology.
First, the website's FQDN should "point" to your virtual appliance (on premise), which then forwards HTTP traffic to the backend server. Pointing to the appliance requires a NAT rule on the firewall, or indeed a DNS record modification if the Virtual Appliance uses a public ip addressing.
Second, the appliance communicates with Qualys Platform thanks to a local environment variable, which the "waf_service_url" key (please ssh your appliance and type "set", or "help"). It is based on the Qualys POD used by your subscription (US pod 1/2, or EU). Of course you can force the appliance to use a specific DNS server if needed.
Does it answer your question ?
Thankyou Remi for your answer but I think I understand for example
my DNS in my website
in my virtual appliance I need put other a new public Ip or the actual public ip 190.117.x.x (website Server)
and the website server move to the LAN and redirect the traffic waf on port 443 trough the website server?
Configure the domain www.example.com over waf ?
Retrieving data ...