Dell SonicWall SRA 4200 Administrator's Manual
Download Administrator's manual of Dell 4200 Desktop, Gateway for Free or View it Online on All-Guides.com. This version of Dell 4200 Manual compatible with such list of devices, as: 4200, SonicWall SRA 4200, SonicWall SRA 1200, SonicWall SRA 1600, SonicWall SRA 4600
Brand: Dell
Category: Desktop , Gateway , Network Hardware , Server
Type: Administrator's manual
Model: Dell 4200 , Dell SonicWall SRA 4200 , Dell SonicWall SRA 1200 , Dell SonicWall SRA 1600 , Dell SonicWall SRA 4600
Pages: 440
270 | SRA 6.0 Administrator’s Guide
Example Use Cases for Rules
This section provides examples of positive and negative security models, as well as several
examples showing the use of advanced operations to provide a deeper understanding of these
anti-evasive techniques.
Example – Positive Security Model: Blocking Bad Logins
To prevent login to an Application Offloaded Web site if the length of the password is less than
8 characters, you would create a rule chain containing the following two rules:
1. Select Host as the Variable and click + to add it, set the Operator to Equals String, and
set Value to the Virtual Host name of the portal. This checks that the Host header of the
login request matches the site you are trying to protect. In this case, the rule chain is only
being applied to one site.
2. Select Parameter Value as the Variable and type password into the selection field, then
click + to add the variable and selected item to the rule, set the Operator to < (less than),
and set Value to 8. Select String Length in the Advanced Operations list to compute the
length of the password form parameter.
URL Decode
URL Decode (Unicode)
Use the URL Decode operation to decode URL encoded strings in the input.
Use the URL Decode (Unicode) operation to handle %uXXXX encoding.
URL encoding is used to safely transmit data over the Internet when URLs
contain characters outside the ASCII character set.
NOTE: Do not use these operations against an input that has been decoded
already.
This is an anti-evasive operation to prevent hackers from using URL encoding
to bypass rules, knowing that the backend Web server can interpret their mali-
cious input after decoding it.
For example, the URI www.eshop.com/hack+URL%3B is converted to
www.eshop.com/hack URL by this operator before the comparison is made.
Trim Use the Trim operation to remove spaces before and after the input data
before the comparison. Extra spaces can cause a rule to not match the input,
but are interpreted by the backend Web application.
This is an anti-evasive operation to prevent hackers from adding spaces
before and after the input data to bypass the rule.
Operation Description