Scenario: A Citrix Engineer is reviewing the Citrix Web App Firewall log files using the GUI. Upon further analysis, the engineer notices that legitimate application traffic is being blocked.
What can the engineer do to allow the traffic to pass through while maintaining security?
To address the issue of legitimate application traffic being blocked while maintaining security, the engineer should create a relaxation rule. By selecting the check box in the log entry and choosing Edit & Deploy from the Action menu, the engineer can modify the specific Web App Firewall rule that is blocking the legitimate traffic. This approach ensures that the legitimate traffic is allowed to pass through without disabling the security mechanisms entirely, maintaining the overall security posture.
Answer should be D since security needs to be maintained.
Should be D
D. Select the checkbox in the log entry. Choose Edit & Deploy to create a relaxation rule from the Action menu. By selecting "Edit & Deploy," the engineer can modify the Web App Firewall rule that is blocking legitimate traffic, turning it into a relaxation rule that allows the traffic while keeping other security measures in place. This is supported by the standard practices for managing false positives in security appliances like Citrix Web App Firewall.
I'm pretty sure you have to cut and paste the url or partial url from the log into the relaxation policy. I really need a relaxation policy myself.