IPDS | WAF | Rulesets

SKUDONET Web Application Firewall

The SKUDONET Web Application Firewall (WAF) is a tool that can be used to detect and block malicious HTTP traffic. It works by searching and analyzing patterns to apply advanced security policies. These rules are grouped into sets and can be applied to HTTP farms. For HTTPS traffic, WAF rules will be checked after the TLS Encryption has been terminated.

SKUDONET IPDS packages use the OWASP ModSecurity rules, but you can also create your own ruleset to protect your system against any kind of attack. If you want to read more about OWASP rules, refer to the OWASP ModSecurity Project.

By default, the OWASP ruleset uses a scoring system called paranoia levels, and the default level is 1. If you want to read more about these levels, refer to this article: Paranoia levels.

If you want to increase the paranoia level, do the following:

  1. Go to the REQUEST-901-INITIALIZATION ruleset.
  2. Click the Rules tab.
  3. Locate the rule number 901120 and edit it in Raw mode
  4. Change setvar:’tx.blocking_paranoia_level=1′ to the desired paranoia level.

The image below shows a list of preconfigured WAF rules:
oracle_jd_edwards_load_balancing_farm

Below are the descriptions for each field in the table shown in the image above.

Name: A unique name for the ruleset.
Farms: The farms to which the ruleset is applied.
STATUS: The ruleset status is represented by the following color codes:

  • Green: Enabled. The ruleset is being checked for the farms that are using it.
  • Red: Disabled. The ruleset is not enabled, so it is not having any effect on the farm.

Actions: The following actions are allowed for the status of the WAF rules:
oracle_jd_edwards_load_balancing_farm

  • Create WAF ruleset: Opens a form to create a new WAF ruleset.
  • Edit: Modify the ruleset settings or assign a farm service, if needed.
  • Restart: Reinitialize a WAF rule.
  • Start: Apply the WAF ruleset.
  • Delete: Remove a ruleset.

Next Article: IPDS | WAF | Rulesets | Create

Was this article helpful?

Related Articles

Need Support?

Can't find the answer you're looking for?
Contact Support

Download Skudonet ADC Load Balancer
Community Edition

Source Code

A versatile and installable ADC system designed for diverse vendor hardware.

DOWNLOAD SOURCE

Installable ISO 

Load Balancing as a Service alongside an ADC orchestration toolkit.

DOWNLOAD ISO
Download Community Edition

Download Community Edition

“We manage the information you provide with the sole aim of assisting with your requests or queries in regards to our products or services; applying the computer and security procedures to ensure its protection. Your data can be rectified or removed upon request but won’t be offered to any third parties, unless we are legally required to do so.” Responsible: SKUDONET SL - info@skudonet.com