Profile

Angfe Landagan

Contact Details

1 to 20 of 29 total

Splunk on-prem integration to cloud waf

Posted By Angfe Landagan 07-18-2023 03:50
Found In Egroup: Imperva Cyber Community \ view thread
Hi, I would like to know the experience in configuring splunk siem onprem to cloud waf integration. Couple of questions; 1.the incapsula.spl , can this be modified or just load it to the splunk and no further configurations needed? 2.what is the firewall requirements, port, services eg: between ...

[MX] Implementing 2FA on MX management access

Posted By Angfe Landagan 07-18-2023 01:20
Found In Egroup: Imperva Cyber Community \ view thread
Hi, Im thinking if there are ways to configure this 2FA from an on-prem MX device. Are there available options from the webui or cli of the MX to do this? What happens on the password expiration duration of that user local to the MX? Or if this is even recommended Thanks, A #On-Premis ...

RE: Monitoring Resources - MX and GWs

Posted By Angfe Landagan 07-03-2023 01:49
Found In Egroup: Imperva Cyber Community \ view thread
Thank you Jaired, appreciate the link you provided. one more question, i tried the df -ah on the mx and waf devices AND would like to inquire for monitoring purposes; -what are the directory to watch in terms of disk size? e.g /etc/var or /log? -also in the free --m options, the most ...

Monitoring Resources - MX and GWs

Posted By Angfe Landagan 06-29-2023 22:13
Found In Egroup: Imperva Cyber Community \ view thread
Hi, Im just wondering if there's a nice view (comprehensive) reporting on the MX and GW resources vai the webui with the ff: contents; 1.MX -utilization over time (e.g: 1 week span) , we only have last day and last hour options. -interface utilization -memory utilization ...

RE: IASC: Imperva Application Security Certification

Posted By Angfe Landagan 05-22-2023 05:43
Found In Egroup: Imperva Cyber Community \ view thread
Hello Sarah, Unfortunately the link for the IASC certification was removed. Im not sure if this is due to the 180 day period. Is it possible to enable the access so I can take the exam? Thank you. Angfe ------------------------------ [Leangf] ------------------------------

RE: Find traffic data

Posted By Angfe Landagan 05-22-2023 03:55
Found In Egroup: Imperva Cyber Community \ view thread
Hello Urvin, 1. Average Egress & Ingress traffic in WAF? >Maybe please try checking the output of the command below and look for the application with Kbps remark cat /proc/hades/status --->this command gives you atleast the applicative traffic passing through your gateway or watch -d -n ...

IASC: Imperva Application Security Certification

Posted By Angfe Landagan 04-25-2023 06:36
Found In Egroup: Imperva Cyber Community \ view thread
Hello, Does the following guides sufficient enough to pass this certification and ofcourse the EXPERIENCE. Imperva Web Application Security Firewall User Guide - Imperva SecureSphere Admin Guide Just checking. Thanks, #On-PremisesWAF(formerlySecuresphere) ------------------------------ ...

RE: How to Identify Encryption is enabled or disabled on databases

Posted By Angfe Landagan 02-07-2023 04:45
Found In Egroup: Imperva Cyber Community \ view thread
Hello Vishal, You can easily find it using the Alerts Dashboard and filter the ip address of your server involved as a start. From there, click on the details of that report. It will give you the information of the protocols, ciphers etc used. hope this helps. A ------------------------------ ...

RE: Security Assessment

Posted By Angfe Landagan 02-07-2023 04:43
Found In Egroup: Imperva Cyber Community \ view thread
Hi Jose, The details in the report generated by your cloud waf have also the recommendations. Are you on-boarded website policies have the DDoS turned on? TNX, A ------------------------------ [Leangf] ------------------------------

RE: Importing only the sites (servers) to a new MX not the whole .tgz backup

Posted By Angfe Landagan 12-13-2022 05:27
Found In Egroup: Imperva Cyber Community \ view thread
Thanks mandie, Does this also include the TRP config and all its server sites certificates assigned? TIA, A ------------------------------ [Leangf] ------------------------------

RE: Gateway Performance Profiling

Posted By Angfe Landagan 12-12-2022 22:06
Found In Egroup: Imperva Cyber Community \ view thread
Hi David, From the exported gti, how do we confirm that the profiling is enabled on that gateway? The data showed none from the (Admin>System Performance> Gateways & Agents. Im running v14.6. TIA, A ------------------------------ [Leangf] ------------------------------

RE: Block invalid IP

Posted By Angfe Landagan 12-08-2022 02:15
Found In Egroup: Imperva Cyber Community \ view thread
Hi Jorge, Or you can check the events/alerts being hit by those non-valid iPs you've mentioned then set an action to block if it has an action - None. Alerts/Violations then filter that specific site that you wanted your policy to be applied. My 2 cents. Thank you. A

Importing only the sites (servers) to a new MX not the whole .tgz backup

Posted By Angfe Landagan 12-08-2022 02:06
Found In Egroup: Imperva Cyber Community \ view thread
Hi, Having this thought for quite some time as I had a previous experience doing an MX replacement - old mx to new mx (model) of which I had to recreate the whole 30 sites and policies. Is there a way or process to seamlessly do this by just the sites database created and not the whole .tgz file ...

RE: Removing gateways from MX

Posted By Angfe Landagan 12-08-2022 01:56
Found In Egroup: Imperva Cyber Community \ view thread
Hi Chris, Removing/unregistering the gateway from the MX , standalone or clustered can be found in this link. https://docs.imperva.com/bundle/v13.6-administration-guide/page/7273.htm It is a straightforward process and should be no problem. Hope this helps. A Thanks

remove a gateway from the cluster

Posted By Angfe Landagan 10-14-2022 11:55
Found In Egroup: Imperva Cyber Community \ view thread
Hi Folks, I want to remove my existing gateway from the gateway cluster by just unregistering it from the MX management or from the gateway itself via ssh? Is this just a straightforward approach (unregister) or there are steps involved in doing this? Thanks, A #On-PremisesWAF(formerlySec ...

RE: v1gateway v4.1 backward compatibility with M120 v13.3

Posted By Angfe Landagan 09-25-2022 05:38
Found In Egroup: Imperva Cyber Community \ view thread
Thanks for the inputs. There was a reason why we must delay the update of the MX from 13.3 to 14.1 that is why we will add first the new 14.1 device to the management 13.3 version. If all is GOOD. we will then schedule the 13.3 MX upgrade to 14.1. So the environment will look like this; MX- ...

v1gateway v4.1 backward compatibility with M120 v13.3

Posted By Angfe Landagan 09-23-2022 04:01
Found In Egroup: Imperva Cyber Community \ view thread
Hi experts, Can the gateway running version 14.1 be added to the management platform running 13.3? I assume downgrade is not feasible - downgrade gateway v141. to v13.5. Hope some can provide feedback. tnx. A #On-PremisesWAF(formerlySecuresphere)

[BOT Protection] License integration for on-prem WAF

Posted By Angfe Landagan 09-11-2022 21:38
Found In Egroup: Imperva Cyber Community \ view thread
HI Community, Anyone who tried integrating the BOT Protection license on your ON-PREM WAF device? What are the prerequisites. I need to conduct a POC with this feature on an ON-PREM waf running version 14.3 Thanks, A #On-PremisesWAF(formerlySecuresphere)

RE: Cluster activation problem

Posted By Angfe Landagan 09-07-2022 07:30
Found In Egroup: Imperva Cyber Community \ view thread
Hello, From the documentation, i would highly recommend to have the version to 14.5 after checking all the needed licenses (MX and GW). Couple of logs to look for at least, depending on your preference; 1.) From the cli; impctl show log | grep ERROR impctl show log | grep "Data Sync" 2. ...

RE: How to audit CLI output executed by an admin

Posted By Angfe Landagan 06-27-2022 02:03
Found In Egroup: Imperva Cyber Community \ view thread
Hi, Anyone checked on this one? May i know what log files or folders to look into on the MX or GW? I couldnt find any on the MX Tech info and GW. Thanks,