This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
Updating a signature object
You must update your signatures objects frequently to ensure that your Web App Firewall is providing protection against current threats. You must regularly update both the default Web App Firewall signatures and any signatures that you import from a supported vulnerability scanning tool.
NetScaler regularly updates the default signatures for the Web App Firewall. You can update the default signatures manually or automatically. In either case, ask your NetScaler representative or NetScaler reseller for the URL to access the updates. You can enable automatic updates of the NetScaler native format signatures in the “Engine Settings” and “Signature Auto Update Settings” dialog boxes.
Most makers of vulnerability scanning tools regularly update the tools. Most websites also change frequently. You must update your tool and rescan your websites regularly, exporting the resulting signatures to a file and importing them into your Web App Firewall configuration.
Tip
When you update the Web App Firewall signatures from the NetScaler command line, you must first update the default signatures, and then issue more update commands to update each custom signatures file that is based on the default signatures. If you do not update the default signatures first, a version mismatch error prevents updating of the custom signatures files.
Note
The following applies to merging a third-party signature object with a user-defined signature object with Native rules and user-added rules:
When a version 0 signatures is merged with a new imported file, the resultant signatures remain as version 0.
This means all native (or built-in) rules in the imported file will be ignored after the merge. This is to ensure that the version 0 signatures are maintained as is after a merge.
To include the native rules in the imported file for merge, you must update the existing signatures from version 0 first before the merge. This means you need to abandon the version 0 nature of the existing signatures.
When there is a NetScaler release upgrade, the file “default_signatures.xml” is added to the new build and the file “updated_signature.xml” is removed from the older build. After the upgrade, if the signature auto update feature is enabled, the appliance updates the existing signature to the latest version of the build and generates the “updated_signature.xml” file.
To update the Web App Firewall signatures from the source by using the command line
At the command prompt, type the following commands:
update appfw signatures <name> [-mergedefault]
save ns config
Example
The following example updates the signatures object named MySignatures from the default signatures object, merging new signatures in the default signatures object with the existing signatures. This command does not overwrite any user-created signatures or signatures imported from another source, such as an approved vulnerability scanning tool.
update appfw signatures MySignatures -mergedefault
save ns config
<!--NeedCopy-->
Updating a signatures object from a NetScaler format file
NetScaler regularly updates the signatures for the Web App Firewall. You must regularly update the signatures on your Web App Firewall to ensure that your Web App Firewall is using the most current list. Ask your NetScaler representative or NetScaler reseller for the URL to access the updates.
To update a signatures object from a NetScaler format file by using the command line
At the command prompt, type the following commands:
update appfw signatures <name> [-mergeDefault]
save ns config
To update a signatures object from a NetScaler format file by using the GUI
- Navigate to Security > Web App Firewall > Signatures.
- In the details pane, select the signatures object that you want to update.
- In the Action drop-down list, select Merge.
- In the Update Signatures Object dialog box, choose one of the following options.
- Import from URL—Choose this option if you download signature updates from a web URL.
- Import from Local File—Choose this option if you import signature updates from a file on your local hard drive, network hard drive, or other storage device.
- In the text area, type the URL, or type or browse to the local file.
- Click Update. The update file is imported, and the Update Signatures dialog box changes to a format nearly identical to that of the Modify Signatures Object dialog box. The Update Signatures Object dialog box displays all branches with new or modified signature rules, SQL injection or cross-site scripting patterns, and XPath injection patterns if there are any.
- Review and configure the new and modified signatures.
- When you are finished, click OK, and then click Close.
Updating a signatures object from a supported vulnerability scanning tool
Note:
Before you update a signatures object from a file, you must create the file by exporting signatures from the vulnerability scanning tool.
To import and update signatures from a vulnerability scanning tool
- Navigate to Security > Web App Firewall > Signatures.
- In the details pane, select the signatures object that you want to update, and then click Merge.
- In the Update Signatures Object dialog box, on the External Format tab, Import section, choose one of the following options.
- Import from URL—Choose this option if you download signature updates from a Web URL.
- Import from Local File—Choose this option if you import signature updates from a file on your local or a network hard drive or other storage device.
- In the text area, type the URL, or browse or type the path to the local file.
- In the XSLT section, choose one of the following options.
- Use Built-in XSLT File—Choose this option if you want to use a built-in XSLT file.
- Use Local XSLT File—Choose this option to use an XSLT file on your local computer.
- Reference XSLT from URL—Choose this option to import an XSLT file from a web URL.
- If you chose Use Built-in XSLT File, in the Built-In XSLT drop-down list select the file that you want to use from the following options:
- Cenzic.
- Deep_Security_for_Web_Apps.
- Hewlett_Packard_Enterprise_WebInspect.
- IBM-AppScan-Enterprise.
- IBM-AppScan-Standard.
- Qualys.
- Whitehat.
- Click Update. The update file is imported, and the Update Signatures dialog box changes to a format nearly identical to that of the Modify Signatures Object dialog box, which is described in Configuring or Modifying a Signatures Object. The Update Signatures Object dialog box displays all branches with new or modified signature rules, SQL injection or cross-site scripting patterns, and XPath injection patterns if there are any.
- Review and configure the new and modified signatures.
- When you are finished, click OK, and then click Close.
Share
Share
This Preview product documentation is Cloud Software Group Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Cloud Software Group Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Cloud Software Group product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.