What Is the Service?
MSU Information Technology offers a cloud based Web Application Firewall for MSU departments and units on campus. This service provides input sanitization for websites as well as a Content Delivery Network and DDOS protection.
Considerations When Adding a Site
When adding a website, please consider the following guidelines:
- Only one Production version and one Non-Production version of the website should be added to the WAF for testing purposes.
- Request each version in a separate form submission.
- If there are multiple sites on the same IP address, all websites must be added to the WAF in order to completely secure the sites and restrict access to the origin from the world.
- A valid SSL certificate that contains all subject alternative names (SANs) must be installed on the server prior to submission of this form.
- If at all possible, the goal is to take as many sites off the internet as possible. If the production site is only, or should only be, open to Campus/VPN, then the WAF is not needed.
- Final DNS cutover to the WAF will be coordinated and completed by the site owner using their change procedures.