This topic details the steps to create a Positive Security Group.
Procedure
- From the Avi Load Balancer UI, navigate to Templates > WAF > WAF Policy.
- Click Create or Edit an existing WAF Policy.
- Enter the required details under the Settings tab.
- Click the Positive Security tab.
- Create a new Positive Security Group by clicking on the more icon (three dots) and then clicking Create.
- In the New Positive Security Group screen, enter the details as shown below.
Field
Description
Additional Information
Group Enabled
Toggle this slider to enable or disable this WAF rule group.
Name
Enter a relevant name for the policy.
Description
Enter a description to identify the group.
Learning Group
Select this check box to enable learning for the group.
This field cannot be changed after the group is created.
Hit Action
Select Allow parameter or No operation from the drop-down menu.
If a rule in this group matches the
match_value
pattern, this action will be executed.Miss Action
Select either Block or No operationfrom the drop-down menu.
If a rule in this group does not match the
match_value
pattern, this action will be executed.Location
Click Add Location to add a location and configure Match Type and Argument Rules for this Positive Security Group. For more information on adding a location, see Creating a Location.
Positive Security rules are created in locations. Locations are derived from URLs.
- Click Save.