Skip main navigation (Press Enter).

Imperva Cyber Community

View Only

Back to discussions

Expand all | Collapse all

Is WAF Gateway Fail-Open during boot from USB / Re-image?

Ken Chau03-21-2023 22:43

Hi folks, I would like to boot my WAF gateway (single box) from USB and re-istall a new version image ...

Marat Makhlin04-03-2023 05:32

Bypass mode (fail-open) is intended to work when WAF gateway appliance is shut down. As reinstallation ...

1. Is WAF Gateway Fail-Open during boot from USB / Re-image?

Like
Ken Chau
Posted 03-21-2023 22:43
Hi folks,

I would like to boot my WAF gateway (single box) from USB and re-istall a new version image in it. During this process, would the WAF gateway be Fail-Open and allowing web traffic to go through the data plane?

Anyone has such experience to share, thanks a lot.

#On-PremisesWAF(formerlySecuresphere)

------------------------------
Ken Chau
IT Manager
------------------------------
2. RE: Is WAF Gateway Fail-Open during boot from USB / Re-image?

Like
Marat Makhlin
Posted 04-03-2023 05:32
Bypass mode (fail-open) is intended to work when WAF gateway appliance is shut down. As reinstallation procedure consists of chunks when gateway runs, when it does not run and when it reboots, I am not sure that bypass mode can ensure uninterruptable traffic flowing via gateway interfaces. Therefore we would recommend to perform reinstallation or upgrades during maintenance window with re-routing traffic to another WAF gateway (if exists) or directly to the web applications/servers.

BR,
Marat Makhlin
On-Prem Tech Lead.

------------------------------
MaratMakhlin
------------------------------

Powered by Higher Logic

Global message icon