1. Manuals
  2. Brands
  3. DPtech Manuals
  4. Gateway
  5. DPX8000 Series
  6. User configuration manual

DPtech DPX8000 Series User Configuration Manual

Deep service switching gateway. waf service board module v1.0
Hide thumbs Also See for DPX8000 Series:
Table of Contents

Advertisement

Quick Links

Download this manual See also: User Configuration Manual
DPX8000 Series Deep Service Switching Gateway
User Configuration Guide
WAF Service Board Module v1.0
i

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the DPX8000 Series and is the answer not in the manual?

Questions and answers

Related Manuals for DPtech DPX8000 Series

Summary of Contents for DPtech DPX8000 Series

  • Page 1 DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0...
  • Page 2 Hangzhou DPtech Technologies Co., Ltd. provides full- range technical support. If you need any help, please contact Hangzhou DPtech Technologies Co., Ltd. and its sale agent, according to where you purchase their products. Hangzhou DPtech Technologies Co., Ltd. Address: 6th floor, zhongcai mansion, 68 tonghelu, Binjiangqu, Hangzhoushi...
  • Page 3 Owing to product upgrading or other reasons, information in this manual is subject to change. Hangzhou DPtech Technologies Co., Ltd. has the right to modify the content in this manual, as it is a user guides, Hangzhou DPtech Technologies Co., Ltd. made every effort in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute the warranty of any kind express or implied.

  • Page 4: Table Of Contents

    Table of Contents CHAPTER 1 WEB APPLICATION FIREWALL 1.1 O BJECT GROUP CONFIGURATION 1.1.1 IP OBJECT GROUP CONFIGURATION 1.1.2 IP OBJECT GROUP CONFIGURATION 1.2 S ECURITY POLICY 1.2.1 D EFAULT PROTECTION POLICY 1.2.2 R EQUEST NORMALIZATION 1.2.3 C OOKIE NORMALIZATION 1.2.4 R EQUEST HEADER FIELD AND ENTITY NORMALIZATION 1.2.5 U...
  • Page 5 1.9 A GENT FIELD CONFIGURATION CHAPTER 2 PROTECTION LOG 1.10 S EVER SECURITY LOG 1.10.1 L ATEST LOG 1.10.2 L OG QUERY AND DELETE 1.11 W EB AUDIT 1.11.1 W EB AUDIT CONFIGURATION CHAPTER 3 HIGH AVAILABILITY 3.1 VRRP 3.1.1 I VRRP G NTRODUCTION TO ROUP...
  • Page 6 List of Figures Figure 1-1 IPv4 object group configuration ......................9 Figure 1-2 IPv6 object group configuration ......................10 Figure 1-3 Default policy configuration ........................10 Figure 1-4 Agent configuration ..........................10 Figure 1-5 Push configuration ..........................11 Figure 1-6 Request normalization ........................... 11 Figure 1-7 Request normalization configuration .....................
  • Page 7 Figure 1-34 Header access control........................... 22 Figure 1-35 Header access control configuration ....................22 Figure 1-36 File scan protection ..........................22 Figure 1-37 File scan protection configuration ......................23 Figure 1-38 Password crack protection ........................23 Figure 1-39 Password crack protection ........................23 Figure 1-40 CC attack protection ..........................
  • Page 8 List of Tables Table3-1 VRRP configuration items ........................35...

  • Page 9: Chapter 1 Web Application Firewall

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Chapter 1 Web Application Firewall Web application firewall has the following features:  Object group configuration  Security policy  Web passive learn  Database protection ...

  • Page 10: Security Policy

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Figure 1-2 IPv6 object group configuration 1.2 Security policy 1.2.1 Default protection policy Default protection policy includes the policy configuration, agent configuration and push configuration 1.2.1.1 Policy configuration To enter the policy configuration page, you choose WAF module>...

  • Page 11: Request Normalization

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 1.2.1.3 Push configuration To enter the agent configuration page, you choose WAF module> Service > Web application firewall > Security policy > Default policy configuration > Push configuration, as shown in Figure 1-5.

  • Page 12: Cookie Normalization

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Figure 1-7 Request normalization configuration 1.2.3 Cookie normalization To enter the agent configuration page, you choose WAF module> Service > Web application firewall > Security policy > Cookie normalization, as shown in Figure 1-8.

  • Page 13: Request Header Field And Entity Normalization

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 1.2.4 Request header field and entity normalization To enter the agent configuration page, you choose WAF module> Service > Web application firewall > Security policy > Request header field and entity normalization, as shown in Figure 1-10.

  • Page 14: Upload Files Check

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 1.2.5 Upload files check To enter the upload files check page, you choose WAF module> Service > Web application firewall > Security policy > Upload files check, as shown in Figure 1-12.

  • Page 15: Vulnerability Attack Protection

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Figure 1-15 Download file configuration 1.2.7 Vulnerability attack protection To enter the vulnerability attack protection page, you choose WAF module> Service > Web application firewall > Security policy > Vulnerability attack protection, as shown in Figure 1-16.

  • Page 16: Information Disclosure Protection

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 1.2.8 Information disclosure protection To enter the vulnerability attack protection page, you choose WAF module> Service > Web application firewall > Security policy > Information disclosure protection, as shown in Figure 1-18.

  • Page 17: Web Hotlinking Protection

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Figure 1-21 Web crawler protection 1.2.10 Web hotlinking protection To enter the vulnerability attack protection page, you choose WAF module> Service > Web application firewall > Security policy > Web hotlinking protection, as shown in Figure 1-22Figure 1-20.

  • Page 18: Sensitive Word Filtering

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Figure 1-23 Web hotlinking protection configuration 1.2.11 Sensitive word filtering To enter the sensitive word filtering page, you choose WAF module> Service > Web application firewall >...

  • Page 19: Url Access Control

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Figure 1-25 Sensitive word filtering 1.2.12 URL access control To enter the URL access control page, you choose WAF module> Service > Web application firewall > Security policy >...

  • Page 20: User-Agent Access Control

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 1.2.13 User-Agent access control To enter the user-agent access control page, you choose WAF module> Service > Web application firewall > Security policy > URL access control, as shown in Figure 1-28.

  • Page 21: Csrf Protection

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Figure 1-31 Parameter tampering protection 1.2.15 CSRF protection To enter the CSRF protection page, you choose WAF module> Service > Web application firewall > Security policy > CSRF protection, as shown in Figure 1-32Figure 1-20.

  • Page 22: File Scan Protection

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Figure 1-34 Header access control Click the Add the configuration button to create a new header access control configuration, as shown inFigure 1-27. Figure 1-35 Header access control configuration 1.2.17 File scan protection...

  • Page 23: Password Crack Protection

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Figure 1-37 File scan protection configuration 1.2.18 Password crack protection To enter the password crack protection page, you choose WAF module> Service > Web application firewall >...

  • Page 24: Weak Password Protection

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Figure 1-41 CC attack protection configuration 1.2.20 Weak password protection To enter the password crack protection page, you choose WAF module> Service > Web application firewall >...

  • Page 25: Website Passive Learn

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Figure 1-44 Cookie hidden Click the Add the configuration button to create a CC attack protection configuration, as shown in Figure 1-45. Figure 1-45 Cookie configuration 1.3 Website passive learn...

  • Page 26: Anti-Virus Protection

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Figure 1-47 Database protection Click the Add the configuration button to create a database protection configuration, as shown in Figure 1-48. Figure 1-48 Database protection configuration 1.5 Anti-virus protection...

  • Page 27: Blacklist Configuration

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Figure 1-50 Blacklist cooperation 1.6.2 Blacklist configuration To enter the blacklist configuration page, you choose WAF module> Service > Web application firewall > Blacklist cooperation > Blacklist cooperation, as shown in Figure 1-51.

  • Page 28: Webpage Tampering Protection

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Figure 1-54 Blacklist log query 1.7 Webpage tampering protection The webpage tampering protection allows user to configure the webpage tampering protection and server information configuration and to view the webpage tampering protection log. .

  • Page 29: Signature Management

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Figure 1-57 Webpage tampering log 1.8 Signature management Signature management module displays the detailed information of signature and allows user to select the Enable/Disable/Warning options for users. It provides the customized signature configuration for users to configure 1.8.1 Detailed signature...

  • Page 30: Customized Signature

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Figure 1-58 Detailed signature 1.8.2 Customized signature To enter the detailed signature page, you choose WAF module> Service > Web application firewall > Webpage tampering protection > Customized signature, as shown in Figure 1-59.

  • Page 31: Signature Whitelist

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 1.8.3 Signature whitelist To enter the detailed signature page, you choose WAF module> Service > Web application firewall > Webpage tampering protection > Customized signature, as shown in Figure 1-60.

  • Page 32: Chapter 2 Protection Log

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Chapter 2 Protection log Protection log module includes server security log and web audit functions. 1.10 Sever security log 1.10.1 Latest log To enter the agent field page, you choose WAF module> Service > Protection log > Server security log >Latest log, as shown in Figure2-1.

  • Page 33: Figure2-3 Web Audit Configuration

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Figure2-3 Web audit configuration 1.11.1.1 Web audit log To enter the web audit log page, you choose WAF module> Service > Protection log > Server security log >Web audit log, as shown in Figure2-4.

  • Page 34: Chapter 3 High Availability

    During data communication process, software and hardware error may result network disconnection, causing data transmission failure. To avoid data communication disconnected, DPtech FW has provides Virtual Router Redundancy Protocol (VRRP) technology using back up solution when communication line or device failure, so that it ensure data communication smoothly and enhance network robustness and availability.
  • Page 35 DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Table3-1 describes the configuration items of VRRP. Table3-1 VRRP configuration items Item Description VRID Virtual router identification. A virtual router consists of a group of routers with same VRID.

  • Page 36: Monitoring

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 To configure the VRRP configuration, you can take the following steps:  Configure a number for the backup group ID number, the range is from 0 to 255, example: 1 ...

  • Page 37: Hot Standby

    DPX8000 Series Deep Service Switching Gateway User Configuration Guide WAF Service Board Module v1.0 Figure3-4 BFD option 3.2 Hot standby 3.2.1 Hot standby To enter the hot standby page, you choose Service > High availability > Hot standby > Hot standby, as shown in.

Table of Contents