Follow

How to Set up DNS for use with Silverline WAF

Description

  • This is an article to provide a guide/process to setting up DNS for use with Silverline WAF services
  • You must update your Domain Name System (DNS) to point to the Silverline Front-End IP address or 'Assigned DNS Name' for your application
  • Required for Silverline WAF Services to work, because it makes your incoming web traffic flow through Silverline before hitting your application

Background

  • Your web application should have an FQDN which is registered through an Internet Domain Registrar
    • Typically, that registrar will host the actual DNS server for you and will provide you with an administrative interface to allow records to be edited.  
    • However, you may have elected to host the DNS service through another provider.
  • Your application's DNS will point to either an IP address or an FQDN:
    • A records for IPv4 (used by most Silverline customers) - stores IP address
    • AAAA records for IPv6 (also supported by Silverline) - stores IP address
    • CNAME record - refers to FQDN
  • These records must be changed to point to Silverline's assigned IP address or DNS name for your application proxy.
  • When an application proxy is created, Silverline automatically assigns an IP address ("Front End Address") or DNS Name ("Assigned DNS Name") to that configuration.

 

Environment

  • Silverline WAF
    • Managed or Express
  • Proxy/Proxies

 

Procedure

  1. In the Silverline Portal, navigate to Config > Proxy/App Configuration > Proxy / App Management
  2. Locate the desired Application Proxy where you want incoming traffic to go.
  3. Under Network column, copy the Front End IP Address or Assigned DNS Name
  4. Open your Registrar (if they are hosting DNS) or your DNS hosting provider (which may be your own IT department if your company is hosting its own DNS services):
    • Change the A record from its current IP address to the Silverline Front-End IP address that you just copied from Portal
    • Or, Configure the CNAME record to refer to the Silverline "Assigned DNS Name" you just copied from Portal --For Regional Pops: Must configure CNAME, as there is no assigned Silverline IP Address.
  5. Please be patient. Update will take some time to propagate (minutes to hours, depending on your DNS hosting provider's policies)
  6. Once propagated, future requests to your application's FQDN go to Silverline (where WAF policies are applied) before being sent back to your web application.

 

Related Content

Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request