Getting Started with Silverline WAF: Onboarding, Setup, and Implementation Plan

Summary of Onboarding Process for WAF

1. Customer prepares for Onboarding call, which includes the following:
   • Customer activates their Portal account (link in Welcome email).
   • Customer watches Onboarding Videos on Onboarding Videos Guide: Web Application Firewall (WAF)
2. Technical Onboarding Call (First Meeting)
   • SOC and Customer review the WAF onboarding process and configuration details
   • SOC can address any of Customer's questions or concerns.
3. Set up SSL  - Customer uploads SSL certificates and creates SSL Profiles
   
   • INITIAL SSL Workflow: How to Upload SSL Certificates, Create SSL Profiles, and Add SSL Profiles to Proxy
4. Set up Application Proxy- Customer configures application proxy
   • INITIAL Application Proxy Configuration for HTTP / HTTPS / WAF Proxy Service Type
     • How to Set up DNS for use with Silverline WAF
     • How to Test & Verify New Application / DDoS Proxies
     • How to Configure Your On-Premises Setup to Route Traffic to Silverline Proxies
5. Add SSL Profiles to Proxy
6. Create WAF Policy - Customer fills out WAF Tech Questionnaire. SOC Creates WAF Policy.
   • Download here: WAF Technical Questionnaire to Create WAF Policy
   • Q&A: What are the best practices for WAF policy implementation?
7. Add WAF Policy to Proxy
   • How to Attach WAF Policy to Proxy
   • WAF Policies default to Transparent mode.
     • Q&A: What is "Tuning" a WAF Policy? What is SOC vs. my responsibilities in this process?
   • For more details on WAF policy tuning (adjustment and maintenance), see WAF Policy Maintenance / Tuning section below.
8. Set up Log Export - Customer requests SOC to turn on Log Export. Customer configures.
   • How to Configure Log Export
9. (If applicable) Set up Threat Intelligence
   • Threat Intelligence is an add-on service
   • Threat Intelligence: Overview
   • Threat Intelligence: Configuration

Optional Configurations

• How to add users to my Silverline Portal account
• How to Setup Account Passphrases
• How To: Add an API token for API Integration
• How to Allowlist IP addresses for WAF Services

WAF Policy Maintenance / Tuning

These articles provide much more details on what happens with your WAF Policies over time:

• Q&A: What is "Tuning" a WAF Policy? What is SOC vs. my responsibilities in this process?
• Modules described in this article (WAF Setup: Blocking Phases) are the default categories/modules that are supported.
• For additional protections that can be implemented within Silverline: Q&A: What Additional Protection Does Silverline WAF Services Offer Besides the Default Blocking Modules?
• When you're ready to tune a policy, submit a WAF Violation Assessment: How to Create WAF Violation Assessments
  
  • How to Filter WAF Violations by Proxy IP in WAF Violations Assessment

Related Content

• Top 10 Most Helpful Knowledge Base Articles
• Onboarding Videos Guide: Web Application Firewall (WAF)