Configure Load Balancing when Using Cloud Guard WAF as a Reverse Proxy

CloudGuard WAF can now act as a reverse proxy with load balancing, allowing you to distribute incoming traffic across multiple upstream servers. This improves availability, scalability, and fault tolerance of your applications.

Prerequisites

  • You already have a CloudGuard WAF asset configured in reverse proxy mode.

  • Your backend applications are reachable from the WAF.

Instructions:

Step 1 – Open Your Asset

  1. Go to the Assets page in the CloudGuard WAF portal.

  2. Select the asset you want to configure.

  3. Enable load balancing

Step 2 – Configure Upstreams

  1. Click on the "Load balancer upstream setting.

  2. Choose the Load Balancing Algoritm

    • Currently only "Round Robin" is supported

  3. Provide the URL for each backend server

    • Make sure to include protocol and port if needed

Step 3 - Configure Health Check settings

provide the following details:

  • Path (Defaults to /)

  • Port (Defaults to 80)

  • Timeout setting (Defaults to 5s)

  • Interval setting (Defaults to 5s)

  • Healthy threshold (Defaults to 5)

  • Unhealthy threshold (Defaults to 5)

  • Expected status code (Defaults to 200)

Step 4 - Save and Enforce

Last updated

Was this helpful?