Forum Discussion

sandy16's avatar
sandy16
Icon for Altostratus rankAltostratus
May 04, 2015

ASM Real Traffic policy builder "tighten" settings

Hi experts, we have a security policy build using the automatic policy builder. Currently it is showing 47% complete. I was checking if it has any learning suggestions so far, so i went to Ploicy building > Status (automatic) > details. IF i expand the details under each category, lets say the 1st one - HTTP Protocol Compliance, it gives me a list of violations under it and then there`s a "enable" button. when i scroll my mouse on it. it says "accept the tighten rule". I am wondering what this means? Is it to enforce all these settings?

 

under all these violations, it states that the loosen: N/A and Tighten: Rule Satisfied.

 

I am on version 11.5.1 HF3.

 

thnx

 

ASM Advanced WAF
security

4 Replies

Sort By
  • nathe's avatar
    nathe
    Icon for Cirrocumulus rankCirrocumulus
    May 04, 2015

    Tighten simply means adding an explicit entry. In an example where you've got a wildcard fine type. You can tighten the policy by adding explicit file types, .CSS .HTML .txt etc. and then remove the wildcard. The policy is now tightened.

     

    N

     

  • sandy16's avatar
    sandy16
    Icon for Altostratus rankAltostratus
    May 04, 2015

    thanks Nathan, So does enable\tighten mean accept the violation? Something similar under manual traffic learning?

     

  • Yoann_Le_Corvi1's avatar
    Yoann_Le_Corvi1
    Icon for Cumulonimbus rankCumulonimbus
    Jun 04, 2015

    I'm not sure about that... This is True for File Types and Parameters, but for HTTP Compliance, and Evasion Techniques detected for example this Enable the settings in the "Blocking Settings" Section. Enabling those settings mean, start blocking non compliant HTTP Requests as soon as you ar in Blocking Mode.