It is recommended to use detection only mode in the beginning. Mode delegation - In this mode, WAF rules can overwrite the policy, where specific action (detection or enforcement) can be defined for a single rule, irrespective of the action defined for the rule set.If configured, the specific action takes effect over the default action. This default action is configured in the WAF profile. Enforcement - In this mode, WAF policy will evaluate and block the request based on the defined default action.A log entry is created when this request is flagged. Detection - In this mode, WAF policy will evaluate the incoming request.The profile contains common reusable settings that complement the WAF policy.Ĭlick on the required mode. Provide the following details to configure the WAF policy: FieldĮnter the WAF profile that should be attached to this policy. To create a new policy, navigate to Templates > WAF > WAF Policy and click on Create. Note: For customizing a policy, it is highly recommended to create a new policy instead of editing the default policy (System-WAF-Policy). System-WAF-Policy is the default policy in Avi Vantage that contains OWASP CRS 3.0 rules. Navigate to Templates > WAF > WAF Policy to locate the default policy. This policy is enabled by associating it with a virtual service. WAF policy is a specific set of rules that protects the application. This document discusses intelligent web application firewall (iWAF) configuration on Avi Vantage and covers the following sections:
0 kommentar(er)
