It would be great if someone could help me with the queries below. I am trying to automate creation of vWAF policies through APIs. What is the limit on the number of applications which we can configure on a vWAF? How many applications can be created and mapped to a host name? Is there an upper limit? As our environment may grow bigger, and it will be automated, there will be a number of applications created and mapped in Application control/mapping.
Thanks in advance.
I don’t think there is a programmatic limit to the number of applications you can provision, but of course you will need more CPU and I/O to manage the throughput and inspection load. The best way to do that is by clustering to meet the application workload - and clustering will also make it easy to push a new application mapping across all nodes in the cluster.
Which tools are you using for service provisioning and monitoring? Would be great to hear your experience on this.
Thanks for the reply. We have built these in Azure vmsets and an Azure load balancer to distribute traffic. Clustering of ADC/WAF is done through active/active mode. Hope this takes the load and at later stages we can add more ADCs into the cluster.
For service provisioning, we are planning to use Ansible modules / Python scripts. These scripts will invoke REST APIs on the WAFs for various automation, like policy creation, ruleset creation, adding handlers and application mapping. And a GoCD pipeline will invoke these tasks based on DevOps.