Application Rules for Avi Pulse
Overview
This guide explains the Application Rules Service of Avi Pulse.
Applications Rules are WAF rules provided by Avi Vantage via a third-party signature provider. These rules protect against specific well-known vulnerabilities for specific applications.
This is different from Avi Vantage’s Core Rule Set (CRS) , where rules are protecting against generic attack classes.
Application Rules Service
The default rule set object contains rules for more than 5000 different applications.
Once the Controller is registered with Avi Pulse (refer to Registering Avi Pulse for more details), you can opt-in for Application Rules service, the ruleset will be automatically updated on Controller periodically.
If you are already registered, you can opt-in or opt-out Application Rules service. Click on the Pencil icon, the opt-in page will be opened to modify.
You can enable the Application Rules service on an Avi Controller by checking the Application Rules option.
By default Application Rules Sync Interval is set to 1 day (1440 minutes) (recommended). 60 minutes is the minimum allowed value.
After successful sync, the rule DB is deployed on the Controller as shown below:
Viewing Events for Debugging Application Rules
You can view events for debugging Application Rules issues as follows:
Success Event:
Failure Event:
Additional Reading
Document Revision History
Date | Change Summary |
---|---|
April 15, 2021 | Published Application Rules Guide |