Imperva Cyber Community

Expand all | Collapse all

Imperva SecureSphere WAF Default Security Policies with High Severity

  • 1.  Imperva SecureSphere WAF Default Security Policies with High Severity

    Posted 08-16-2020 12:54
    Hi Community,

    I am trying to review the ADC and Default Security Policies on the WAF. However, it raised some concerns while i found out there are few high severity policies but not configured as blocking by default.

    1) How Imperva set the Security Policies severity and block or without blocking on the policy?
    2) Is it recommend for us to enable blocking on those high severity policies that previous set as no blocking action by default?
    3) What is the reason Imperva did not set those high severity policies to blocking mode?

    Thank you.
    #On-PremisesWAF(formerlySecuresphere)

    ------------------------------
    kahhou looi
    ------------------------------


  • 2.  RE: Imperva SecureSphere WAF Default Security Policies with High Severity

    Imperva Employee
    Posted 08-17-2020 07:11
    Hi Kahhou,

    The Imperva default security policies should be adjusted and tuned to the environment.
    Could you please specify policies you are talking about or maybe specific rules inside the policies?
    We usually recommend to apply new policies as Alert Only during the tuning period (of 2 weeks) and then after reviewing the alerts, moving to Blocking.
    Best,

    ------------------------------
    Ira Miga
    Imperva
    Knowledge Engineer
    ------------------------------