NetScaler Console service

View relaxation rules, idle, and deny rules

January 8, 2024

Contributed by:

After you configure the learning profile, NetScaler Console starts to get a list of relaxation, idle, and deny rules.

Navigate to Security > WAF Learning > Learn Profiles.

The Learn Profiles page indicates the WAF learning profile name, total NetScaler instance associated, total WAF profile created on the instance, total learned rules, total deployed rules, and the status.
Select the profile name and click Manage Relaxation Rules.

You can view the total rules, total learned rules, total deployed rules, and total idle rules for the selected profile.
- In the Learned Rules tab, you can view the relaxed rules. Select the rule, validate, and click Add & Deploy, Deploy, Edit & Deploy, Delete, or Deploy as Deny.
  - Add & Deploy - Enables you to create a new rule with the security check options. After you create the rule, click Deploy.
  - Deploy - Enables you to deploy the relaxed rule.
  - Edit & Deploy - Enables you to edit the rule before you want to deploy. For SQL security check, you can edit the rule and change the Rule Type to Deny and then deploy.
    
    For more information, see Relaxation and deny rules for handling HTML SQL injection attacks.
  - Delete - Enables you to delete the rule without any action.
  - Deploy as Deny - For the SQL security check, you can use this option to deny requests.
- Click the Deployed Rules tab to view the deployed rules. Select a rule and choose to delete, enable, or disable the rule.
- Click the Idle Rules tab to view the idle rules that have no traffic. Click Delete if you want to delete the rule.
Note

The violation list is available until the configured grace duration. After the grace period, NetScaler Console deploys the available violations automatically.

For each configured learned profile, you can view up to 1 million learned rules.

Manage deny rules

In addition to relaxation (allow) mode, you can also configure and use the deny rules for handling HTML SQL injection attack security check. If you configure the HTML SQL Injection security check in deny mode, the detected violations are blocked.

In the Manage Deny Rules tab, you can view the denied rules for HTML SQL injection checks. Select the rule, validate, and click Add & Deploy, Deploy, Edit & Deploy, Delete, or Deploy as Relaxation.

Add & Deploy - Enables you to create a new rule with the security check options. After you create the rule, click Deploy.
Deploy - Enables you to deploy the denied rule.
Edit & Deploy - Enables you to edit the rule before you want to deploy.
Delete - Enables you to delete the rule without any action.
Deploy as Relaxation - Allows the traffic.

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Was this helpful

View relaxation rules, idle, and deny rules

January 8, 2024

Contributed by:

January 8, 2024

Contributed by:

View relaxation rules, idle, and deny rules

Manage deny rules

In this article