Picture 571

Figure – VSP-Web Workflow


  1. Create Web Profile – Refer Create Web Profile Section  for more information

  2. Application Creation – Refer Workload Onboarding for more information about Application creation. Ensure that:

    1. Select the Service Type is Web Services.

    2. Provide the below information:

      1. Web Server Name – Name of the Web Server

      2. Web Server Description – Short description of the Web Server

      3. Select the appropriate Web Profile Type from the dropdown – Apache Httpd, Nginx OR IIS

        Picture 572

    3. Provide the below information:

      1. Web Server Command Line – The exact command for starting the Web Server

        Examples: service httpd start (For Apache); service nginx start (For Nginx)

      2. Protection Profile (optional) – Select the appropriate Protection Profile from the dropdown

      3. Host Name – List of all the associated host names separated by comma

      4. Web Profile Name – Select the appropriate Web Profile from the dropdown

        Picture 621

    4. For HTTP Profile, ensure that Protocol Enforcement vulnerability is selected. If any Deny rule is configured for Custom Injection, ensure that it is selected

      Picture 573

  3. Provision Application

    1. For VMs, ensure that the appropriate Instances are associated with the Application and it is secured using the below button

      Picture 575

    2. For containers, the instances are automatically associated and the Application is secured

  4. Monitor Incidents – Based on the configured rules, the HTTP requests are allowed/blocked. The blocked requests are reported as incidents. Navigate to Monitor > Incidents to view them

  5. Add Exceptions – If undesired incidents are received, create exceptions for them to prevent receiving such incidents in the future

    Picture 576