This section discusses the following best practices for working with WAF. Create Exceptions. Importing the CRS files and CRS Update from NSX Advanced Load Balancer Portal. Custom Rules. Vulnerability Scanner (DAST). WAF in Anomaly Score Mode. Reviewing Recommendations to Remediate False Positives. What to read next Creating ExceptionsThis section explains creation of Exceptions. Importing the CRS Files and CRS Update from NSX Advanced Load Balancer PortalThis topic discusses the steps to download the CRS JSON file from the customer portal and upload it to NSX Advanced Load Balancer. Custom RulesThis topic lists possible use cases for configuring custom rules. Upload Handling in WAFWhile handling large requests, such as a file upload, certain requests can be blocked with a 413 Request Entity Too Large message. Vulnerability Scanner (DAST)A Dynamic Application Security Testing (DAST) scanner is a tool to identify potential security issues in applications. WAF in Anomaly Score ModeThis section explains how Anomaly Scoring mode works. Reviewing Recommendations to Remediate False PositivesThe system-generated Recommendations of NSX Advanced Load Balancer help you ascertain and remediate false positives. GeoIP TransformationsThe GeoIP transformations can be used to translate an IPv4 address to either the corresponding country code (CC) or the autonomous system number (ASN) of the address. IPv6 adddress support is available in addition to the IPv4 address for the GeoIP transformation.