Dell SonicWall SRA 4200 Administrator's Manual
Download Administrator's manual of Dell 4200 Desktop, Gateway for Free or View it Online on All-Guides.com. This version of Dell 4200 Manual compatible with such list of devices, as: 4200, SonicWall SRA 4200, SonicWall SRA 1200, SonicWall SRA 1600, SonicWall SRA 4600
Brand: Dell
Category: Desktop , Gateway , Network Hardware , Server
Type: Administrator's manual
Model: Dell 4200 , Dell SonicWall SRA 4200 , Dell SonicWall SRA 1200 , Dell SonicWall SRA 1600 , Dell SonicWall SRA 4600
Pages: 440
64 | SRA 6.0 Administrator’s Guide
How are Signatures Used to Prevent Attacks?
For Cross Site Scripting, Injection Flaws, Malicious File Execution, and Insecure Direct Object
Reference vulnerabilities, the Web Application Firewall feature uses a black list of signatures
that are known to make Web applications vulnerable. New updates to these signatures are
periodically downloaded from a Dell SonicWALL signature database server, providing
protection from recently introduced attacks.
When input arrives from the Internet, Web Application Firewall inspects HTTP/HTTPS request
headers, cookies, POST data, query strings, response headers, and content. It compares the
input to both a black list and a white list of signatures. If pattern matching succeeds for any
signature, the event is logged and/or the input is blocked if so configured. If blocked, an error
page is returned to the client and access to the resource is prevented. If blocked, an error page
is returned to the client and access to the resource is prevented. The threat details are not
exposed in the URL of the error page. If configured for detection only, the attack is logged but
the client can still access the resource. If no signature is matched, the request is forwarded to
the Web server for handling.