Web App Firewall service actions
Web and web service applications that are exposed to the Internet have become increasingly vulnerable to attacks. To protect applications from attack, you need visibility into the nature and extent of past, present, and impending threats, real-time actionable data on attacks, and recommendations on countermeasures. Security Insight provides a single-pane solution to help you assess your application security status and take corrective actions to secure your applications. Security Insight is an intuitive dashboard-based security analytics solution that gives you full visibility into the threat environment associated with your applications. You can view reports based on Application Firewall profile settings by using the Security Insight option in the Action menu of the WAF service GUI.
SSL certificate and keys
An SSL certificate, which is an integral part of any SSL transaction, is a digital data form (X509) that identifies a company (domain) or an individual. The certificate has a public key component that is visible to any client that wants to initiate a secure transaction with the server. The corresponding private key, which resides securely on the Citrix ADC appliance, is used to complete asymmetric key (or public key) encryption and decryption.
You can obtain an SSL certificate and key in either of the following ways:
- From an authorized certificate authority (CA), such as VeriSign
- By generating a new SSL certificate and key on the Citrix ADC appliance
Alternately, you can use an existing SSL certificate on the appliance.
Citrix recommends that you use certificates obtained from authorized CAs, such as VeriSign, for all your SSL transactions. Certificates generated on the Citrix ADC appliance should be used for testing purposes only, not in any live deployment.
HTML error pages
You can import HTML error objects to the application firewall by using the configuration utility. You can edit these files in a web-based text area after importing them, to make small changes directly on the Citrix ADC appliance instead of having to make them on your computer and then reimport them. Finally, you can export any of these files to your computer, or delete any of these files, by using the configuration utility.
To add HTML error pages:
The application firewall signatures function provides specific, configurable rules to simplify the task of protecting your web sites against known attacks. A signature represents a pattern that is a component of a known attack on an operating system, web server, website, XML-based web service, or other resource. You can create your own signatures by following these steps below: