Application Rules for Avi Pulse
Note: This content has been relocated to docs.vmware.com. For the latest update, see <a href=https://docs.vmware.com/en/VMware-NSX-Advanced-Load-Balancer/21.1.1/Cloud_Service/GUID-A0A36E6B-37F2-460A-8AC4-9377DD559500.html>VMware NSX Advanced Load Balancer Cloud Services</a>.
This guide explains the Application Rules Service of Avi Pulse.
Applications Rules are WAF rules provided by Avi Vantage via a third-party signature provider. These rules protect against specific well-known vulnerabilities for specific applications.
This is different from Avi Vantage’s Core Rule Set (CRS) , where rules are protecting against generic attack classes.
Application Rules Service
The default rule set object contains rules for more than 5000 different applications.
Once the Controller is registered with Avi Pulse (refer to Registering Avi Pulse for more details), you can opt-in for Application Rules service, the ruleset will be automatically updated on Controller periodically.
If you are already registered, you can opt-in or opt-out Application Rules service. Click on the Pencil icon, the opt-in page will be opened to modify.
By default Application Rules Sync Interval is set to 1 day (1440 minutes) (recommended). 60 minutes is the minimum allowed value.
After successful sync, the rule DB is deployed on the Controller as shown below:
Viewing Events for Debugging Application Rules
You can view events for debugging Application Rules issues as follows:
Document Revision History
|April 15, 2021||Published Application Rules Guide|