Dell SonicWall SRA 4200 Administrator's Manual page 243

attacks. You can also clear the global Enable Web Application Firewall check box to
temporarily disable Web Application Firewall without losing any of your custom configuration
settings.
You can enable automatic signature updates in the General Settings section, so that new
signatures are automatically downloaded and applied when available. A log entry is generated
for each automatic signature update. If a signature is deleted during automatic updating, its
associated Exclusion List is also removed. A log entry is generated to record the removal. You
can view the log entries on the Web Application Firewall > Log page.
Cross-Site Request Forgery protection settings are also available on this page. When a CSRF
attack is detected, log entries are created in both the WAF > Logs and Logs > View pages. For
more information about CSRF/XSRF attacks, see
Prevented?" on page
To configure global settings for Web Application Firewall, perform the following steps:
On the Web Application Firewall > Settings page, expand the General Settings section.
Step 1
Select the Enable Web Application Firewall check box.
Step 2
A warning dialog box is displayed if none of the signature groups have Prevent All already
Step 3
selected. Click OK in the dialog box to set all signature groups to Prevent All, or click Cancel
to leave the settings as they are or to manually continue the configuration.
Select the Apply Signature Updates Automatically check box to enable new signatures to be
Step 4
automatically downloaded and applied when available. You do not have to click the Apply
button on the Web Application Firewall > Status page to apply the new signatures.
Select the desired level of protection for High Priority Attacks in the Signature Groups table.
Step 5
Select one of the following options:
•
•
•
Select the desired level of protection for Medium Priority Attacks in the Signature Groups
Step 6
table.
Select the desired level of protection for Low Priority Attacks in the Signature Groups table.
Step 7
When finished, click Accept.
Step 8
Configuring Global Exclusions
There are three ways that you can exclude certain hosts from currently configured global Web
Application Firewall settings. You can completely disable Web Application Firewall for certain
hosts, you can lower the action level from Prevent to Detect for certain hosts, or you can set
Web Application Firewall to take no action.
The affected hosts must match the host names used in your HTTP(S) bookmarks and Citrix
bookmarks, and the Virtual Host Domain Name configured for an offloaded Web application.
65.
Select the Prevent All check box to block access to a resource when an attack is detected.
Selecting Prevent All automatically selects Detect All, turning on logging.
Clear the Prevent All check box and select the Detect All check box to log attacks while
allowing access to the resource.
To globally disable all logging and prevention for this attack priority level, clear both check
boxes.
"How is Cross-Site Request Forgery
Web Application Firewall Configuration | 243