This section discusses how to configure Allowlist Rules.

To define Allowlist rules do the following:

  1. From the NSX Advanced Load Balancer UI, navigate to Templates > WAF > WAF Policy.

  2. Click Create or edit an existing WAF Policy.

  3. Enter the required details under the Settingstab.

  4. Click Allowlist tab.

  5. Click Add Rule button.

  6. In the New Allowlist Rule screen, enter the details as shown below:

Table 1. General

Field

Description

Rule Enabled

By default, the Allowlist rule is enabled.

Click the toggle button to disable it.

Name

Enter a relevant name for the rule.

Description

Enter a description to define the rule.

Sampling

Percentage of sampled traffic ranging from 0 to 100.
Table 2. Match

Field

Description

Add Match Type

Select a Match Type from the following options:
Table 3. Action

Field

Description

Action

From the following options, select the action to be performed when the request matches the criteria specified:

  • BYPASS: When Bypass is selected, WAF does not execute any further rules and the request is allowed.

  • CONTINUE: Selecting Continue stops the Allowlist execution and directs WAF to continue its activity.

  • DETECTION MODE: When enabled, the WAF Engine will be set to DETECTION MODE for that request.

The New Allowlist Rule screen is as shown below:



6. Click Save.