-
Low-touch onboarding of Citrix ADC instances using Citrix ADM service connect
-
-
Importing and synchronizing StyleBooks from GitHub repository
-
-
-
-
Use ADM audit logs for managing and monitoring your infrastructure
Thank you for the feedback
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已动态机器翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
This content has been machine translated dynamically.
This content has been machine translated dynamically.
This content has been machine translated dynamically.
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.
Este artigo foi traduzido automaticamente.
这篇文章已经过机器翻译.放弃
Translation failed!
All Violations
The All Violations page displays the application security violation details based on the Network, WAF, and Bot categories. To view the security violations in Citrix ADM, ensure:
-
You have a premium license for the Citrix ADC instance (for WAF and BOT violations).
-
You have applied license on the load balancing or content switching virtual servers (for WAF and BOT). For more information, see Manage licensing on virtual servers.
-
You enable more settings. For more information, see the procedure available at Setting up.
Violation categories
Citrix ADM enables you to view the following violations. Under Violation Details, you can click each violation tab to view the violation details.
| Network | WAF | Bot |
|---|---|---|
| HTTP Slow Loris | Unusually High Upload Transactions | Excessive Client Connections |
| DNS Slow Loris | Unusually High Download Transactions | Account Takeover |
| HTTP Slow Post | Excessive Unique IPs | Unusually High Upload Volume |
| NXDomain Flood Attack | Excessive Unique IPs Per Geo | Unusually High Request Rate |
| HTTP desync attack | Cookie Hijack | Unusually High Download Volume |
| Bleichenbacher Attack | Infer Content Type XML | Website Scanners |
| Segment smack Attack | Buffer Overflow | Account Takeover for Citrix Gateway |
| SYN Flood Attack | Content Type | API Abuse |
| Small Window Attack | Cookie Consistency | Content Scapers |
| CSRF Form Tagging | Keystroke and mouse dynamics based bot detection | |
| Deny URL | Scraper | |
| Form Field Consistency | Screenshot Creator | |
| Field Formats | Search Engine | |
| Maximum Uploads | Service Agent | |
| Referrer Header | Site Monitor | |
| Safe Commerce | Speed Tester | |
| Safe Object | Tool | |
| HTML SQL Inject | Uncategorized | |
| Start URL | Virus Scanner | |
| Cross-site scripting | Vulnerability Scanner | |
| XML DoS | DeviceFP Wait Exceeded | |
| XML Format | Invalid DeviceFP | |
| XML WSI | Invalid Captcha Response | |
| XML SSL | Captcha Attempts Exceeded | |
| XML Attachment | Valid Captcha Response | |
| XML SOAP Fault | Captcha Client Muted | |
| XML Validation | Captcha Wait Time Exceeded | |
| Others | Request Size Limit Exceeded | |
| IP Reputation | Rate Limit Exceeded | |
| HTTP DOS | Block list (IP, subnet, policy expression) | |
| TCP Small Window | Allow list (IP, subnet, policy expression) | |
| Signature Violation | Zero Pixel Request | |
| File Upload Type | Source IP | |
| JSON cross-site scripting | Host | |
| JSON SQL | Geo Location | |
| JSON DOS | URL | |
| Command Injection | Crawler | |
| Feed Fetcher | ||
| Link Checker | ||
| Marketing |
Note
To view the Account Takeover, Website Scanners, and Content Scrapers violations, you must configure the settings in Citrix ADM. See the prerequisite mentioned in the violation details page.
Security violations dashboard
In the security violations dashboard, you can view:
-
Total violations occurred across all ADC instances and applications. The total violations are displayed based on the selected time duration.
-
Total violations under each category.
-
Total ADCs affected, total applications affected, and top violations based on the total occurrences and the affected applications.
Violation details
For each violation, Citrix ADM monitors the behavior for a specific time duration and detects violations for unusual behaviors. Click each tab to view the violation details. You can view details such as:
-
The total occurrences, last occurred, and total applications affected
-
Under event details, you can view:
-
The affected application. You can also select the application from the list if two or more applications are affected with violations.
-
The graph indicating violations.
Drag and select on the graph that lists the violations to narrow down the violation search.
Drag and select on graph Search result 
Click Reset Zoom to reset the zoom result
-
Recommended Actions that suggest you troubleshoot the issue
-
Other violation details such as violence occurrence time and detection message
-
Behavior checks with no violations
Apart from violation details, you can visualize a 3-week traffic prediction based on the machine learning algorithm. As an administrator, this 3-week prediction enables you to:
-
Analyze the traffic pattern even if no violations are observed
-
Take troubleshooting actions for any unusual traffic patterns observed from the predictions
-
Observe that Citrix ADM is processing data, apart from the anomalies
In the Security Violations page, click the Behavior checks with no violation tab to view the 3-week traffic prediction.
The security violations are displayed. Consider that you want to view the traffic prediction for Excessive Unique IPs Per Geo.
From the example image, you can view:
-
Expected Unique IP Range – Citrix ADM has predicted the expected IP range based on the traffic pattern
-
Unique IP – Citrix ADM has predicted about 1970 unique IPs that will be transacting with the app from Malaysia
Using this data, you can proactively take precautionary steps to avoid these excessive unique IPs.
If Citrix ADM does not have any predictions for a security violation, you can view the following message:
See the Setting Up topic to ensure if all the required settings are enabled to view the app security violation details.
Thank you for the feedback
Share
Share
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select Do Not Agree to exit.