How to Use WAF on HI GIO Portal
Overview
This document guides how to use WAF on the HI GIO Portal to protect your virtual services from attacks and proactively prevent threats.
Configure Allowlist Rules for a Virtual Service
Edit the WAF Signatures for a Virtual Service
Procedure
Step 1: Log in to the HI GIO portal, select Networking > Edge Gateways > Select Edge Gateway name from the primary left navigation panel.
Step 2: Select Virtual Services > Click the virtual service name on the Load Balancer menu.
Step 3: Select the WAF tab > Allowlist Rules > NEW to create a new rule.
Step 4: Enter the rule name > To activate the rule upon creation, turn on the Active
toggle > Select match criteria > Select an action to apply upon a match > Add.
Client IP Address
Select Is or Is Not to indicate whether to perform an action if the client IP matches or doesn't match the value that you enter.
Enter an IPv4 address, or an IPv6 address, or a range, or a CIDR notation.
(Optional) To add more IP addresses, click Add IP.
HTTP Method
Select Is or Is Not to indicate whether to perform an action if the HTTP method matches or doesn't match the value that you enter.
From the drop-down menu, select one or more HTTP methods.
Path
Enter a path string.
The path doesn't need to begin with a forward slash (/).
(Optional) To add more paths, click Add Path.
Host Header
Select a criterion for the host header.
Enter a value for the header.
Actions
Description
Bypass
The WAF does not execute any further rules and the request is allowed.
Continue
Stops the allowlist execution and proceeds with WAF signature evaluation.
Detection Mode
The WAF evaluates and processes the incoming request, but does not perform a blocking action. A log entry is created when the request is flagged.
You can edit the WAF signatures for a virtual service - you can change a signature mode from Detection to Enforcement or the reverse, or, if necessary, deactivate a signature or a signature group.
Step 1: In the WAF tab, under the General section > click EDIT to edit the WAF configuration
Step 2: Edit WAF general settings
Settings
WAF State
Active/Deactive
Mode
Detection: In this mode, WAF policy will evaluate the incoming request. A log entry is created when this request is flagged.
Enforcement: In this mode, WAF policy will evaluate and block the request based on the specified rules.
Step 3: In the WAF tab, under the Signature Groups section, you can see the signature groups included in your WAF policy. You can see if they are actively in use or not. You can also see the number of active rules in each group and the number of rules that have been overridden manually.
Step 4: Under Signature Groups, click the expand button on the left of the signature group you want to edit.
Step 5: To edit the signatures of a group, click Edit Signatures and select an action > SAVE.
Last updated