Plug and Play WAF Policies¶
For cloud environments, especially the public cloud, there are three types of WAF policies: (1) Loose, (2) Normal, and (3) Strict.
Attacks¶
Using a testbed, policies are configured for three different BIG-IP VEs. There are three types of attacks:
- Scenario A: Attacks are blocked by all three policies.
- Scenario B: Attacks are blocked by (2) Normal and (3) Strict. Attacks are allowed by (1) Loose.
- Scenario C: Attacks are blocked by (3) Strict.
Test results¶
Scenario A When the HTTP request includes the following type of JSON content with an incorrect syntax, all three policies block the request:
{ "userid": }
Scenario B When the URL length for the HTTP request is larger than a certain value (example: 100), Policy types (2) Normal and (3) Strict block this type of request.
Scenario C When the HTTP request contains JSON content (see below) in which the value in the key pair exceeds a certain value (example: 10), the policy type (3) Strict blocks the request. (1) Loose and (2) Normal allow this type of request.
{ "userid": 123456789012 }