WAF signatures is one of the security services delivered through Pulse. WAF signature service is based on Opt-In basis, which is disabled by default.

  • The NSX Advanced Load Balancer WAF protects web applications from common vulnerabilities as identified by Open Web Application Security Project (OWASP), such as SQL Injection (SQLi) and Cross-site Scripting (XSS), while providing the ability to customize the rule set for each application.

  • WAF Signatures are published (Core Rule Set) every quarter using a controlled release management process.

  • Once the WAF signatures are published, it is available on NSX Advanced Load Balancer Pulse portal. For more information refer to Pulse and WAF Core Rule Set.

You can deploy latest WAF signature data on to the Controller available for applications to utilize it.

The following are the two ways to deploy WAF signature data on the Controller:

  • Automated

  • Manual

Automated WAF Signatures Update

You can check Auto Download WAF Signatures option in Opt-In settings window to deploy automatically. It is required to register the controller to Avi Pulse to select the opt-in options to enable the feature. For more information refer to Pulse.

Automated deployment of WAF signatures gets enabled only when it is explicitly opted in from Pulse Opt-in page.

  • Automated workflow gets enabled once WAF signature service is opted in.

Manual WAF Signatures Update

You can check WAF Signatures Notifications option in Opt-In settings window to receive a notification when new Signatures are available.

If you have not opted-in for auto deployment of WAF signature data on to the Controller, the Controller will not deploy the latest data automatically on it, instead an event with download link to download the data file will be generated.

  1. You can click on this link to download the WAF signature data file on to the local system.

  2. You need to upload the same file to the Controller manually by following the below:

    • Navigate to Templates > WAF > CRS.

    • Click on Upload File button to upload WAF signature files.