Imperva Cyber Community

Hi Community,

I am trying to review the ADC and Default Security Policies on the WAF. However, it raised some concerns while i found out there are few high severity policies but not configured as blocking by default.

1) How Imperva set the Security Policies severity and block or without blocking on the policy?
2) Is it recommend for us to enable blocking on those high severity policies that previous set as no blocking action by default?
3) What is the reason Imperva did not set those high severity policies to blocking mode?

Thank you.
#On-PremisesWAF(formerlySecuresphere)

------------------------------
kahhou looi
------------------------------

Hi Kahhou,

The Imperva default security policies should be adjusted and tuned to the environment.
Could you please specify policies you are talking about or maybe specific rules inside the policies?
We usually recommend to apply new policies as Alert Only during the tuning period (of 2 weeks) and then after reviewing the alerts, moving to Blocking.
Best,

------------------------------
Ira Miga
Imperva
Knowledge Engineer
------------------------------

Original Message:
Sent: 08-16-2020 12:53
From: kahhou looi
Subject: Imperva SecureSphere WAF Default Security Policies with High Severity

Hi Community,

I am trying to review the ADC and Default Security Policies on the WAF. However, it raised some concerns while i found out there are few high severity policies but not configured as blocking by default.

1) How Imperva set the Security Policies severity and block or without blocking on the policy?
2) Is it recommend for us to enable blocking on those high severity policies that previous set as no blocking action by default?
3) What is the reason Imperva did not set those high severity policies to blocking mode?

Thank you.
#On-PremisesWAF(formerlySecuresphere)

------------------------------
kahhou looi
------------------------------