Prisma Session Cookies set by WAAS are encrypted and signed to prevent cookie tampering. In addition, cookies include advanced protections against cookie replay attacks where cookies are harvested and re-used in other clients.
Ban action is available in the
DoS protection and
Bot protection tabs.
If triggered this action would prevent access to the protected endpoints of the app for a time period set by users (default is set to 5 minutes.)
If Prisma Session Cookies are enabled, users are able to apply ban by either
Prisma Session Id or by IP.
Body inspection can be disabled or limited up to a configurable size (in Bytes).
WAAS body inspection limit is 131,072 Bytes (128Kb)
This option is intended to defend web applications running on remote hosts which can not be protected directly by WAAS (e.g. Windows Servers).
|Remote host option is only available for WAAS host rules.|
A "middle-box" host instance with WAAS supported OS should be set up.
Traffic to the web application should be directed to the "middle-box" host.
Ports on the "middle-box" host to which traffic is directed to should be unused (WAAS will listen on these ports for incoming requests).
WAAS host rule with
Remote hostsettings should be deployed to protect the "middle-box" host.
Incoming traffic to the "middle-box" host will be forwarded to the specified address (resolvable hostname or IP address) by WAAS.
WAAS sets the original
Use of TLS and destination port is determined by the endpoint configuration in the
App definition tab.
The following protected endpoints are defined in the
App definition tab:
Remote host has been configured as follows:
Expected result would be as follows:
HTTPS traffic to www.example1.com on port 443 would be forwarded via HTTPS to www.remotehost.com
HTTP traffic to www.example1.com on port 80 would be forwarded via HTTP to www.remotehost.com
|Protected endpoints with TLS enabled will not forward non-TLS HTTP requests.|