WAF protection templates for common Microsoft services

Hi,

i've installed this beta on a virtual machine to have a look on these WAF templates.

The firewall profiles "Exchange Outlook Anywhere", "Exchange General" and "Exchange AutoDiscover". Are these recommended for MS Exchange 2016, or only 2010/2013.
Don't you need any exceptions?

At the moment Exchange 2016 with mor than one realserver isn't working -.-

 

I think templates for Sharepoint and Office Online also be good.

 

Greetings

Parents Reply
  • Hi logan517,

     

    Renaming the templates to reflect the supported versions is definitely a good suggestion, thank you for bringing it up. We'll look into this.

    Adding more templates for more applications is also among our plans, but at this point we don't have a committed timeline for it yet.

    Regarding issue issue with multiple Exchange servers: I understand that you cannot use the approach with the sticky session cookies, but what is the reason behind not trying to solve the issue with reverse authentication? I believe that could be a potential solution for your problem.

     

    Best regards,

    Attila Kovacs
    Product Owner, WAF

Children
  • AttilaKovacs said:
    Regarding issue issue with multiple Exchange servers: I understand that you cannot use the approach with the sticky session cookies

    I set the sicky sesstion, but this din't work

    AttilaKovacs said:
    but what is the reason behind not trying to solve the issue with reverse authentication? I believe that could be a potential solution for your problem.

    We don't want to use the reverse authentication, we want to use the "normal" authentication of clients. The users should not notice that there is a utm etc.