The image is intended to filter incoming Nginx HTTP/HTTPS requests to the server and contains the following components:
- Nginx latest version (Stable);
- Dynamic module Nemesida WAF;
- Nemesida AI MLA machine learning agent.
To deploy, you need to do the following:
1. Create a VM with the dynamic module Nemesida WAF;
2. Perform basic configuration of Nemesida WAF modules in the file
- nwaf_license_key – Nemesida WAF license key;
- nwaf_sys_proxy – proxy server address (if used);
- nwaf_api_proxy – the address of the proxy server (if used) to access the Nemesida WAF API;
- nwaf_api_conf – the address of the Nemesida WAF API server for sending information about detected anomalies;
- nwaf_rmq – connection parameters to the local RabbitMQ service on the server with Nemesida WAF.
Requests received by the Nemesida WAF dynamic module are sent for storage to the local RabbitMQ service, from where they are collected for subsequent processing by the Nemesida AI MLC module. It is recommended that the Nemesida AI MLC module receive this data over a secure connection.
To do this, make changes to the configuration file /etc/rabbitmq/rabbitmq.conf on each VM with the dynamic module installed.
Configuration example for
listen 5673 ssl;
The listen 5673 ssl; parameter specifies the port on which the server will accept requests over a secure connection.
For security reasons, it is recommended to allow access to the servers only from the IP addresses of the virtual machines where the Nemesida AI MLC module is installed, and the certificates used for the secure connection must be trusted by them.
3. After making changes, restart the services:
# systemctl restart nginx mla_main nwaf_update
4. Create a user of the RabbitMQ service for remote connection of the Nemesida AI MLC module:
# rabbitmqctl add_user USER PASSWORD
# rabbitmqctl set_permissions -p / USER ".*" ".*" ".*"
where USER and PASSWORD are the username and password for connecting the Nemesida AI MLC module.
5. Complete the module setup using the Nemesida WAF Cabinet.
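
One way to implement the access restriction recommended in step 2, as an added example that is not part of the Nemesida WAF documentation: a POSIX shell helper that turns a list of Nemesida AI MLC addresses into an iptables allowlist for port 5673. It assumes iptables is the host firewall and the listener is reached through the INPUT chain; the function names and the sample addresses are constructed for illustration.

```sh
#!/bin/sh
# Added example: allowlist for the TLS listener from step 2.
# PORT is taken from the page (listen 5673 ssl;).
PORT=5673

# Return 0 only for a dotted-quad IPv4 address with each octet in 0..255.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, stray chars, bad dots
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                   # split the address on dots
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print one ACCEPT rule per MLC address, then a DROP for everyone else.
# An empty or malformed list is rejected before anything is printed, so a
# typo cannot yield a ruleset that opens the port or consists of DROP only.
mlc_allowlist_rules() {
    [ $# -gt 0 ] || { echo "no MLC addresses given" >&2; return 1; }
    for ip in "$@"; do
        valid_ipv4 "$ip" || { echo "invalid address: $ip" >&2; return 1; }
    done
    for ip in "$@"; do
        echo "iptables -A INPUT -p tcp -s $ip --dport $PORT -j ACCEPT"
    done
    echo "iptables -A INPUT -p tcp --dport $PORT -j DROP"
}

# Constructed sample: two MLC hosts from the documentation range 192.0.2.0/24.
mlc_allowlist_rules 192.0.2.10 192.0.2.11
```

The rules are printed rather than applied so they can be reviewed against the existing INPUT chain first, since -A appends after any rule already present.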