This section discusses how to configure Allowlist Rules.

To define Allowlist Rules do the following.

  1. From the NSX Advanced Load Balancer UI, navigate to Templates > WAF > WAF Policy.

  2. Click Create or edit an existing WAF Policy.

  3. Enter the required details under the Settings tab.

  4. Click Allowlist tab.

  5. Click Add Rule button.

  6. In the New Allowlist Rule screen, enter the details as shown below.

Table 1. General



Rule Enabled

By default, the Allowlist rule is enabled.

Click the toggle button to disable it.


Enter a relevant name for the rule.


Enter a description to define the rule.


Percentage of sampled traffic ranging from 0 to 100.

Table 2. Match



Add Match Type

Select a Match Type from the following options:

Table 3. Action




From the following options, select the action to be performed when the request matches the criteria specified:

  • BYPASS: When BYPASS is selected, WAF does not execute any further rules and the request is allowed.

  • CONTINUE: Selecting CONTINUE stops the Allowlist execution and directs WAF to continue its activity.

  • DETECTION MODE: When enabled, the WAF Engine will be set to DETECTION MODE for that request.

The New Allowlist Rule screen is as shown below.

6. Click Save.