Baseline Protection
vWAF allows you to both customize your security configuration in great detail and to provide instant protection with very little effort. Instant protection with almost no configuration work is achieved with the help of the baseline protection feature.
You can also combine both approaches for the protection of a web application and add custom rules in addition to the predefined baselines, or you can use baseline protection for one web application (or for parts of this application) while using custom protection for another.
How it works
Essentially, baseline protection is a sophisticated regular-expression-based blacklist of known vulnerabilities and attacks. If vWAF detects a suspicious pattern within a request, it denies this request before it even reaches your web application.
On our update server we provide new baseline definitions at regular time intervals and when new types of attacks emerge. vWAF downloads these baseline rule files automatically and informs you on the Home page that new rules are ready for activation. You can also configure alerts that notify you by email or via other channels.
The rules supplied by the baselines are not applied automatically. vWAF never takes away control of your web application. You must therefore always activate the new baselines manually.
Activating a new baseline is simple. All you need to do is to run a Wizard, which automatically adds the new rules to your ruleset. After this, you can immediately commit and activate the updated configuration. For details on the process, see Configuring and Updating Baseline Protection.
For further information regarding how to set up your security configuration, see Guide: Recommended Work Sequence.