Security Insight 编辑
Security Insight
Web and web service applications that are exposed to the Internet have become increasingly vulnerable to attacks. To protect applications from attack, you need visibility into the nature and extent of past, present, and impending threats, real-time actionable data on attacks, and recommendations on countermeasures. Security Insight provides a single-pane solution to help you assess your application security status and take corrective actions to secure your applications.
Note
Security Insight is supported on Citrix ADM with all ADC appliances running on version 11.0 Build 65.31 and later.
How Security insight works
Security Insight is an intuitive dashboard-based security analytics solution that gives you full visibility into the threat environment associated with your applications. Security insight is included in Citrix ADM, and it periodically generates reports based on your Application Firewall and ADC system security configurations. The reports include the following information for each application:
Threat index. A single-digit rating system that indicates the criticality of attacks on the application, regardless of whether the application is protected by an ADC appliance. The more critical the attacks on an application, the higher the threat index for that application. Values range from 1 through 7.
The threat index is based on attack information. The attack-related information, such as violation type, attack category, location, and client details, gives you insight into the attacks on the application. Violation information is sent to Citrix ADM only when a violation or attack occurs. Many breaches and vulnerabilities lead to a high threat index value.
Safety index. A single-digit rating system that indicates how securely you have configured the ADC instances to protect applications from external threats and vulnerabilities. The lower the security risks for an application, the higher the safety index. Values range from 1 through 7.
The safety index considers both the application firewall configuration and the ADC system security configuration. For a high safety index value, both configurations must be strong. For example, if rigorous application firewall checks are in place but ADC system security measures, such as a strong password for the
nsroot
user, have not been adopted, applications are assigned a low safety index value.Actionable information. The information that you need for lowering the threat index and increasing the safety index, which significantly improves application security. For example, you can review information about violations, existing and missing security configurations for application firewall and other security features, the rate at which the applications are being attacked.
Configure security insight
Note
Security Insight is supported on ADC instances with Premium license or ADC Advanced with AppFirewall license only.
To configure security insight on an ADC instance, first configure an application firewall profile and an application firewall policy, and then bind the application firewall policy globally.
Then, enable the AppFlow feature, configure an AppFlow collector, action, and policy, and bind the policy globally. When you configure the collector, you must specify the IP address of the Citrix ADM agent on which you want to monitor the reports.
Configure security insight on an ADC instance
Run the following commands to configure an application firewall profile and policy, and bind the application firewall policy globally or to the load balancing virtual server.
**add appfw profile** \<name\> \[**-defaults** ( basic or advanced )\] **set appfw profile** \<name\> \[**-startURLAction** \<startURLAction\> ...\] **add appfw policy** \<name\> \<rule\> \<profileName\> **bind appfw global** \<policyName\> \<priority\> or, **bind lb vserver** \<lb vserver\> **-policyName** \<policy\> **-priority** \<priority\>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论