Comodo WAF and Cassandra?

_0M0D0 · May 11, 2015, 6:38am

Is WAF compatible with Cassandra?

oleg.tsygany · May 12, 2015, 1:32pm

Hi

We will check it for compatibility.

Regards, Oleg

_0M0D0 · May 13, 2015, 1:13pm

Thank you Oleg, please let me know as soon as you find something.

Thank you again.

akabakov · May 14, 2015, 2:48pm

Hello,

we’ve researched Cassandra’s installation and work and haven’t found it’s co-operation with Apache and ModSecurity.
So, WAF should be compatible with Cassandra.

_0M0D0 · May 22, 2015, 1:59pm

Thank you Akabakov for your help. I was eagerly waiting for your answer. I do understand when you say “WAF should be compatible with Cassandra”.
I don’t get it when you say “haven’t found it’s cooperation with Apache and ModSecurity”? What does that mean?

Sorry for that.

akabakov · May 25, 2015, 9:09am

Cassandra is designed for distributed databases managing and doesn’t require web-services for work.
It means that by default, Cassandra uses the next ports:
7000 for cluster communication (7001 if SSL is enabled), 9160 for Thrift clients, 9042 for native protocol clients, and 7199 for JMX.
So, since Cassandra uses separate ports, ModSecurity and any WAF could not influence on Cassandra’s work.

But I didn’t consider that there are two web-based UI for monitoring and management:
Cassandra Cluster Admin GitHub - sebgiroux/Cassandra-Cluster-Admin: Manage your Cassandra cluster in your Web browser!
DataStax Opscenter DataStax Enterprise | DataStax

To avoid the false-positives I would like to recommend to turn ModSecurity off for these web-sites and protect them by another way, for example, to limit access from some IP-addresses.

_0M0D0 · May 25, 2015, 11:42pm

akabakov post:6:

Cassandra is designed for distributed databases managing and doesn’t require web-services for work.
It means that by default, Cassandra uses the next ports:
7000 for cluster communication (7001 if SSL is enabled), 9160 for Thrift clients, 9042 for native protocol clients, and 7199 for JMX.
So, since Cassandra uses separate ports, ModSecurity and any WAF could not influence on Cassandra’s work.

But I didn’t consider that there are two web-based UI for monitoring and management:
Cassandra Cluster Admin GitHub - sebgiroux/Cassandra-Cluster-Admin: Manage your Cassandra cluster in your Web browser!
DataStax Opscenter DataStax Enterprise | DataStax

To avoid the false-positives I would like to recommend to turn ModSecurity off for these web-sites and protect them by another way, for example, to limit access from some IP-addresses.

Ok, understood!

So COMODO WAF only operates through ports 80 and 443?

vadim · May 26, 2015, 7:24am

No, port doesn’t matter. WAF based on ModSecurity application, it’s a web application layer firewall. And it’s work with some of the popular web servers like Apache or Nginx.

So, if your application work behind Apache, Nginx or LiteSpeed and process HTTP/HTTPS requests on some port (80, 443 or 8080 or 10433 - doesn’t matter) - CWAF can be installed and protect your application.

If your application work with non-HTTP protocol or based on some other web-server (non-supported by ModSecurity) - CWAF can’t help you for now. We are working on support more popular web platforms.

In the case of Cassandra we don’t have any web application (any web interface), so WAF can’t protect it.

_0M0D0 · June 1, 2015, 2:42am

What about using WAF CLI instead of a web interface? If I use WAF’s command-line, can WAF protect Cassandra?

oleg.tsygany · June 1, 2015, 8:53am

Hi

CWAF will protect Apache/Nginx server no matter how it used: as web interface or as CLI utility.

Regards, Oleg

_0M0D0 · June 3, 2015, 2:35pm

Thanks Oleg