Hi In the moment we are using Apache+modsecurity/Haproxy and now right we are evaluate the Riverbed Stingray with Application Firewall to see it fill our requirements. Apache is typical divide into IP:PORT:Hostname unique sections/files. As we can see Stingray is using unique IP:PORT virtual servers where the rules will use the Request Header "Host". So if we handle many hostnames we will always have to include Request Header "Host" in each rule. Is that right? In our case we will properly use minimum 500 rules in test environment on the same virtual server (port 80) and properly the same numbers of rules for another virtual server (port 443). In Apache it's easy to see the "rules" because they are in group in separate virtualhost (IP:HOST:Hostname unique) which is a separate file. How can we handle this in Riverbed Stingray? Right now we can just see all rules placed under the same virtual server in Stingray (for all hostname). In our setup we have all the Apache/HAproxy configuration files in version control. A Configuration Management system is used to generate the Apache/Haproxy configuration files from template and then push to the servers. All is just plain text files and it easy to edit and manipulated if we want to make some changes across multiples files. We can also schedule new configuration files and reload the Apache/Haproxy at a specified time. Can we somehow do the same with Riverbed Stingray? We are typical devops in our team and not network/security experts and that is why we want to try Riverbed Stingray but we still want to automate most the tasks. Thanks in advance.
... View more