How to add WAF Policy to Application Proxy
- This article assumes you've already created WAF Policies:
- WAF Policies are created by submitting the WAF Technical Questionnaire to SOC.
- SOC creates your WAF Policy then makes the policy available in your Silverline Portal account
- Then you can attach your new WAF Policy to an Application Proxy
- This article assumes you've already created Application Proxies:
- Silverline WAF
- Proxy / Proxies
- WAF Policy / Policies
- Uploaded SSL Certificates and Keys
- Created Front-end SSL Profiles
- Created the SSL/HTTPS Application Proxy and attach SSL Profile
- Created WAF Policy -- Download: WAF Technical Questionnaire for WAF Setup
- Config > Proxy Config > Proxy Management
- Click on the name of the Application Proxy you created (that you want to attach WAF Policy to).
- Click on the Service name (SSL HTTP or WAF Proxy).
- Under the Security Policies tab, select the WAF Policy from the WAF Policy Drop-down.
- WAF Policy name will be whatever you put as the “Preferred Policy Name” in your WAF Technical Questionnaire.
- For current configuration limits on the number of WAF Policies allowed per proxy, see Q&A: What are the Silverline Portal Configuration Limits?
- Click save, and your WAF Policy is now attached to your Proxy.
- When a new WAF policy is created, the default mode for all the blocking modules is Transparent mode. Once the policy is moved into Blocking mode, any traffic that causes a policy violation is blocked as well as logged.
- Tuning is the process of monitoring and adjusting WAF policies so that they are blocking malicious traffic without generating a lot of false positives.
- For more information on Tuning WAF Policies, see:
- Download: WAF Technical Questionnaire for WAF Setup
- Q&A: What is "Tuning" a WAF Policy? What is SOC vs. my responsibilities in this process?
- WAF Onboarding Video 4: WAF Policy Tuning Overview
- SSL Workflow: How to Upload SSL Certificates, Create SSL Profiles, and Add SSL Profiles to Proxy
- How to Configure a Proxy for HTTP / SSL HTTP / WAF Proxy Service Type