v14.

4 Web Application Firewall User Guide

v14.4 Web Application Firewall User Guide

v14.4 Web Application Firewall User Guide 1

 Contents

Contents
Adding New Security Policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Cloning/Creating New Policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

v14.4 Web Application Firewall User Guide

 v14.4 Web Application Firewall User Guide

Adding New Security Policies

In addition to the policies provided by Imperva, you can create user-defined security policies. This capability takes
advantage of SecureSphere object-based structure that enables you to adjust the policy mechanism to your specific
needs and requirements according to the object levels (Server Group, Service, Application).

Policies provided by Imperva cover the majority of typical configurations. Sometimes for some elements in your
system you need to provide protection using strict rules and industry standards, while in other cases you might want
to define more flexible policies.

Example: You have two main applications in your organization. Application A is well defined and works according to
the standard. Application B is an internally developed application that was developed 10 years ago by a programmer
who left the company shortly after that. Application B is still widely used by the company employees, but it does not
behave exactly according to the industry standard.

To adjust policies to different security needs and protection levels, you can do one of the following:

• To clone the default SecureSphere policies and adjust them to your requirements, see Cloning/Creating New
Policies.
• To create a policy from scratch, see Cloning/Creating New Policies.
• To add a new custom policy, see Web Service Custom Policies or Web Application Custom Policies

v14.4 Web Application Firewall User Guide 3

 v14.4 Web Application Firewall User Guide

Cloning/Creating New Policies

You can create user-defined policies that are bound to the object levels and are divided into the following policy type
categories:

• Web Service: Enables cloning/creating policies using the Web Service policy types, see Securing Web Transport.
• Web Application: Enables cloning/creating policies using the Web Application policy types, see Securing Web
Applications.

To create a user-defined policy:

1. In the Main workspace, select Policies > Security. The Security window appears.
2. In the Security window, click and select the policy type category based on which you want to create the
policy from the drop-down list. The Create New Policy dialog box appears.
3. In the Name text box, type the user-defined name.

Note: It is recommended to give a meaningful name and description to the new policy, as
the name and the description appear in alerts.

4. To create a new policy, select From scratch and select the policy type from the Type drop-down box.
5. To clone a policy, select the policy that you want to use for cloning from the Use existing drop-down list.
6. Click Create.
7. The Create New Policy dialog box closes and the new policy name appears in the Policies pane. Now you can
define the policy rules according to the policy type definitions.

v14.4 Web Application Firewall User Guide 4