Profense™ 2.2

Administration manual

Armorlogic ApS

$Date: 2008/02/27 16:18:05 $


Table of Contents

1. Profense
1. Load Balancer
1.1. Session persistence
1.2. Guaranteed secure persistence
1.3. HTTP and HTTPS request switching
2. Web Accelerator
2.1. Caching
2.2. HTTP compression
2.3. SSL acceleration
2.4. TCP connection off-loading
3. Web Application Firewall
3.1. Automated application profiling
3.2. Adaptive learning with instant protection
3.3. Positive security model
3.4. Negative security model
3.5. Proactive protection
3.6. Filtering
3.7. Management
3.8. Log functions
4. The Profense™ Platform
4.1. Platform features
4.2. Platform technology
2. Getting started
1. Installing Profense
1.1. Hardware
1.2. Necessary information
1.3. Installation
2. Using the Profense™ web management interface
2.1. Accessing Profense™ web management interface
2.2. Navigating Profense™ web management interface
3. Basic administration
3.1. Definitions
3.2. Getting help
3.3. Change administrator password
3.4. Configuring interfaces
3.5. Configuring for updates
3.6. Installing updates
3.7. Adding a Proxy
3.8. Deleting a proxy
3.9. Developing the Policy
3.10. System monitoring
3.11. Backup and restore
3. Working with Access Control Policies
1. Overview
2. Validation order and precedence
3. Policy elements
3.1. Static content policy
3.2. Global URL path policy
3.3. Global parameters policy
3.4. Web application policy parameter classes
4. Regular expressions in Profense
4.1. What are regular expressions
4.2. Metacharacters
4.3. Repetition
4.4. Special notations with \
4.5. Character sets [...]
4.6. Lookaround
4.7. Examples
4.8. Further reading
5. Building the access policy
5.1. Initial configuration
5.2. Learner - automatic application profiling
5.3. Allow from log
4. How to recipes
1. Operating mode
1.1. Changing operating mode
2. Adding a proxy
2.1. Adding an HTTP proxy
2.2. Adding an HTTPS proxy
3. Clustering configuration
3.1. Configuring a load balanced cluster
3.2. Configuring a fail-over cluster
5. Profense™ Proxy reference
1. Operating mode
1.1. Changing operating mode
2. Monitor
3. Manage
3.1. Defined proxies
3.2. Selecting a proxy for management
3.3. Changing operating mode
3.4. Adding a proxy
3.5. Removing a proxy
4. Global patterns
4.1. Static content policy
4.2. Global URL path policy
4.3. Global parameters policy
4.4. Signature usage
4.5. IP pass through
4.6. General request settings
4.7. Lower button panel
5. Web applications
5.1. Filter ACL
5.2. Access policy
5.3. Add URL manually
5.4. Pending changes
5.5. Lower button panel
6. Application details
6.1. URL settings
6.2. Parameter - add new
6.3. Modifying a parameter
6.4. Parameters
6.5. Lower button panel
7. Learning data
7.1. Sample run information
7.2. Resulting policy
7.3. Applications learned
7.4. Global parameters learned
7.5. Static content learned
7.6. Tools
7.7. Lower button bar
8. Access log
9. Deny log
9.1. Specifying filter criteria
9.2. Blocked and failed requests
9.3. Lower button bar
10. Servers
10.1. Virtual web server
10.2. Real web server
10.3. Virtual host aliases
10.4. Load balancing settings
10.5. Advanced settings
10.6. Lower button panel
11. Logging
11.1. Log settings
11.2. External notification
11.3. Alert and criticality levels
11.4. Lower button panel
12. Learner
12.1. Policy generation threshold values
12.2. Learning thresholds
12.3. Learn data sampling
12.4. Lower button panel
13. Acceleration
13.1. Caching
13.2. Content compression
13.3. TCP connection reuse
13.4. Lower button panel
14. Web application firewall
14.1. Operating mode
14.2. Advanced settings
14.3. Header re-writing
14.4. Web server cloaking
14.5. Lower button panel
15. Input validation classes
15.1. Lower button panel
16. Error handling
16.1. Error messages
16.2. Lower button panel
17. Reports
17.1. Reports
17.2. Generated reports
18. Statistics
18.1. Interval selection
18.2. Summary section
18.3. Compression and served from cache graph
18.4. Requests total and served from cache graph
18.5. Original data and data sent graph
18.6. Lower button panel
6. System reference
1. Clustering
1.1. Configuring a load balanced cluster
1.2. Configuring a fail-over cluster
1.3. Synchronization configuration
1.4. CARP Interfaces
1.5. Fail-over status information
2. Configuration
2.1. Network
2.2. Date and Time
2.3. Static routes
2.4. Miscellaneous
2.5. Backup configuration
2.6. Auto-backup
3. Information
3.1. System
3.2. Profense
3.3. Devices
3.4. Disks
4. Interfaces
4.1. IP configuration
4.2. Role
4.3. Media settings
5. Logs
6. Status
6.1. System status
6.2. Disk
6.3. Interfaces
6.4. Modules
6.5. Disk I/O
6.6. Disk
7. Tools
7.1. Network tools
7.2. Backup
7.3. Reboot and Shutdown
7.4. Technical information for support
7.5. License information
8. Updates
8.1. Updates available for installation
8.2. Installed updates
9. Users
9.1. Administrative user accounts
9.2. Currently logged in users
7. The command line interface
1. Accessing CLI
2. Command reference
2.1. show interfaces
2.2. show interface
2.3. show gateway
2.4. show hostname
2.5. show routes
2.6. show version
2.7. set gateway
2.8. set interface
2.9. set password
2.10. system backup run
2.11. system cache flush
2.12. system ping
2.13. system updates fetch
2.14. system updates query pending
2.15. system updates query installed
2.16. system updates install
2.17. system status
2.18. system restart
2.19. system shutdown
2.20. system reboot
2.21. quit
8. Network deployment
1. Simple single-homed Profense™ implementation
2. Firewalled single-homed Profense™ implementation
3. Firewalled Profense™ implementation with a fail-over/backup Profense
4. Dual-homed performance optimized Profense™ implementation

List of Figures

1.1. Load balancing HTTPS
1.2. Positive filtering in a web context
4.1. Carp load balancing interfaces on master
4.2. Carp load balancing interfaces on slave
6.1. Carp load balancing interfaces on master
6.2. Carp load balancing interfaces on slave
8.1. Simple single-homed Profense™ implementation
8.2. Firewalled single-homed Profense™ implementation
8.3. Firewalled Profense™ implementation with a fail-over/backup Profense
8.4. Dual-homed performance optimized Profense™ implementation

List of Tables

3.1. Metacharacters in regular expressions
3.2. Repetition in regular expressions
3.3. Notations with \ in Profense™ regular expressions
3.4. Character sets in regular expressions
3.5. Lookaround in regular expressions
3.6. Examples of global URL regular expressions
3.7. Examples of regular expressions for input validation
3.8. Examples of global parameters regular expressions
3.9. Predefined standard classes in Profense
3.10. Optional initial policy configuration configuration parameters
© 2007 Armorlogic