Table of Contents
Advertisement
To compare the variable(s) to more than one value, you can enter multiple values separated by spaces
into the Value field, and select the Matches Keyword operator. Delimiting by spaces only works if the
Matches Keyword operator is selected.
•
Anti-Evasive MEASUREs – This field allows you to apply measures beyond those supported by the
Operators field, especially to enforce Anti-Evasive protection. See
304
for more information about these measures.
The following sections provide detailed information about rules:
•
About the Tips/Help Sidebar
•
About Variables
on page
•
About Operators
•
About Anti-Evasive Measures
•
Example Use Cases for Rules
•
Deleting a Rule
on page
•
Cloning a Rule
on page
•
Adding or Editing a Rule
About the Tips/Help Sidebar
You can select a variable in the Variables drop-down list to display more information about that variable in the
Tips/Help sidebar. The sidebar explains when each variable would be used and where it is found in the HTTP
protocol. An example use case is provided for each variable.
You can also select an entry in the Anti-Evasive Measures drop-down list to display more information about it
in the Tips/Help sidebar.
The sidebar also provides context-sensitive search. When you click on a variable and then search for a particular
keyword, the search results are only related to variables.
About Variables
Variables are HTTP protocol entities that are scanned by Web Application Firewall to help identify legitimate or
illegitimate traffic. Multiple variables can be matched against the configured value in the Value field. The '+'
and '-' buttons allow you to add variables from the Variables drop-down list or delete them from the list of
selected variables.
You can combine multiple variables as required to match the specified value. If multiple variables are
configured, then the rule is matched if any one of the configured variables matches the target value.
A variable can represent a single value or a collection. If a variable represents a collection, such as Parameter
Values, then a specific variable within the collection can be configured by entering its name in the selection
text box to the right of the colon (:). For example, the value for the URI or Host variable is unique in each
HTTP(S) request. For such variables, the selection text box is not displayed. Other variables, such as Request
Header Values and Response Header Names, represent a collection.
If you need to test the collection itself against an input, then you would leave the selection text box empty.
However, if you need to retrieve the value of a specific item in the collection, you would specify that item in
the selection text box. For example, if you need to test if the parameter password exists in the HTTP(S)
request, then you would configure the variable Parameter Names and leave the selection text box empty. You
would set the Operator to String equals and the Value to password. But, if you want to check whether the
value of the password parameter matches a particular string, such as "foo," then you would select the
Parameter Values variable and specify password in the selection text box. In the Value field, you would enter
foo.
Table 34
describes the available variables.
on page
301
301
on page
303
on page
304
on page
305
307
308
on page
308
About Anti-Evasive Measures
Dell SonicWALL Secure Mobile Access 8.5
Administration Guide
on page
301
Advertisement
Chapters
Table of Contents
Troubleshooting
