-
-
-
-
Use ADM audit logs for managing and monitoring your infrastructure
View PDF
Thank you for the feedback
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已动态机器翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
This content has been machine translated dynamically.
This content has been machine translated dynamically.
This content has been machine translated dynamically.
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.
Este artigo foi traduzido automaticamente.
这篇文章已经过机器翻译.放弃
Translation failed!
WAF learning engine
Citrix Web App Firewall (WAF) protects your web applications from malicious attacks such as SQL injection and cross-site scripting (XSS). To prevent data breaches and provide the right security protection, you must monitor your traffic for threats and real-time actionable data on attacks. Sometimes, the attacks reported might be false-positive and those need to be provided as an exception.
The Learning engine on Citrix ADM is a repetitive pattern filter that enables WAF to learn the behavior (the normal activities) of your web applications. Based on monitoring, the engine generates a list of suggested rules or exceptions for each security check applied on the HTTP traffic.
It is much easier to deploy relaxation rules using the Learning engine than manually deploy it as necessary relaxations.
The following image explains the high-level information on how the WAF learning in Citrix ADM works:
1 – Citrix ADC instances with its WAF profiles
2 – Configure a learning profile in Citrix ADM, add the WAF profiles, and select to auto deploy or manually deploy the relaxation rules
3 – Administrator can validate the relaxation rules in Citrix ADM and decide to deploy or skip
Get started
To deploy the learning feature, you must first configure a Web App Firewall profile (set of security settings) on your Citrix ADC appliance. For more information, see Creating Web App Firewall profiles.
Citrix ADM generates a list of exceptions (relaxations) for each security check. As an administrator, you can review the list of exceptions in Citrix ADM and decide to deploy or skip.
Using the WAF learning feature in Citrix ADM, you can:
-
Configure a learning profile with the following security checks
-
Start URL
-
Cookie Consistency
-
Credit Card
Note
For the credit card security check, you must configure the
doSecureCreditCardLoggingin Citrix ADC instance and ensure the setting is OFF. -
Content Type
-
Form Field Consistency
-
Field Formats
-
CSRF Form Tagging
-
HTML Cross-Site Scripting
Note
The cross-site script limitation of location is only FormField.
-
HTML SQL Injection
Note
For the HTML SQL Injection check, you must configure
set -sqlinjectionTransformSpecialChars ONandset -sqlinjectiontype sqlspclcharorkeywordsin Citrix ADC instance. -
Check the relaxation rules in Citrix ADM and decide to take necessary action (deploy or skip)
-
Get the notifications through email, slack, and ServiceNow
-
Use the dashboard to view relaxation details
-
-
Check the relaxation rules in Citrix ADM and decide to take necessary action (deploy or skip)
-
Get the notifications through email, slack, and ServiceNow
-
Use the dashboard to view relaxation details
To use the WAF learning in Citrix ADM:
WAF learning engine
Share
In this article
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select Do Not Agree to exit.