I have no glue how imperva waf (on-prem) is applying existing policies when a new webservice (new Server Group) is created. I understand that custom policies don't get applied by default (because some custom policies may apply only to certain services / server groups) - so far so good. But I don't know the approach which is used for default / ADC policies. I saw some webservice / application policies that didn't get applied on creation of a new service and others were applied.I know there is an checkbox "Automatically apply this policy to new server groups", but this is only available for instance for the firewall policy.
There is a set of "default - out of the box" policies that are applied.
There are policies outside of the firewall policies that can be automatically applied; for example, the Stream Signatures and Network Protocol Validation policies.
OK. In case of creating a new HTTP Service in the Site tree, I have to walk through every single policy (approx. 400 Policies) and apply it on my own (except the few that were applied automatically)?
Don't seems to be very user-friendly ...