
Sophos XG as reverse Proxy for Docker Container

Hi,

When using a Docker environment, you configure a reverse proxy to publish the Docker to the world (Apache or nginx).

Is it possible to skip that and use Sophos XG as the reverse proxy instead? Otherwise you always have 2 reverse proxies in a chain (not necessary, I guess).

Is somebody experienced, or does somebody have tips for descriptions? I didn't find any until now.

Thanks for hints!

Gernot



  • Hi  

    Yes, you can use the XG's WAF (Web Application Firewall), whereby it will point to your Docker server. Your Docker server should be running Apache itself but not necessarily in reverse proxy mode. The XG will handle that part. You can then apply various inbound scanning rules.

    Thanks! 

  • I too am interested in knowing this. I am using Sophos XG18 and running an Unraid NAS with Docker containers.

    When you say point to your Docker server, in my scenario, the Docker is on the NAS. I access Docker containers via NAS IP:port. An example would be 10.10.20.2:4040; another container would be 10.10.20.2:9090. In this scenario, is the server 10.10.20.2? Is each Docker container considered a server? How would I know if the NAS is running Apache? Each Docker container is accessible via 10.10.20.2:port#. I get a web UI. Does that mean each Docker container has Apache running on it?

  • Hi  

    You can create a WAF rule with 1 destination IP/port (public.ip:4040>10.10.20.2:4040) and then another rule with the other destination IP/port (public.ip:9090>10.10.20.2:9090).

    Alternatively you can create a single rule with an IP and multiple port relation (public.ip:4040:9090>10.10.20.2:4040:9090).

     

  • Hi KingChris,

    When using WAF, does it mean you're opening the server ports up for traffic to flow freely? Is this a bigger risk than PAT (Port Address Translation)? Considering that too, where traffic to port 12345 from outside is forwarded to an internal server-specific Docker app (internal_IP:8443).

    Are both methods acceptable? Which do you think will work better for Docker containers?