Forum Discussion
daboochmeister
Cirrus
CirrusAdvWAF, OpenAPI - how to update security profile as APIs are added?
Hi - We have an integration in which we want to create a security profile via Guided Configuration for an API server, and plan on importing the OpenAPI specification as the starting point. But - thi...
daboochmeisterCirrus
CirrusThank you for the reply and info! So, if you do it this way, does the new API you add end up with all of the protections as the initial ones you import via the Swagger file? An example of what I mean - the initial protections, created by the guided configuration, include conditioning the expected input values for each API based upon each's spec (yes? that was my understanding, but pls tune that if needed!); if you add the new one the way you've described, do you end up with such input value protections, etc.? Or, are you more simply allowing the URL path to be accessed, and getting the benefit of the general protections (DDoS, bot checks, signature checks, etc.)?
The goal would be to have full protections, equivalent to if the new API had been included in Guided Configuration policy buildout. I'm new to AdvWAF, if that doesn't make sense, please don't hesitate to say so and explain!
Hi.
*Yes the API protection is configured initially importing the Swagger file, in block or transparent mode.
* Yes, each API profile is unique, and you can customize it every time that API changes or allowed methods change.
*The inputs are independent for each API profile, you can modify, allow, and customize based on your necessities for each API.
*The URL path for the API is necessary to apply the correct API protection profile, without LTM policies you can apply only one API protection profile by VS.
*