Profiles
A page for administration of security Profiles
Within the Security section, this tab provides an interface for administering Security Profiles.
Existing Profiles are shown on the left.
Profile Management
Admins can create new Security Profiles, as discussed below. Admins can also edit the Profiles that are included out of the box (e.g., SP Default) in a new deployment.
Out of the box, Reblaze's Security Profiles are named with a prefix of SP. This naming convention is recommended when creating/editing new Profiles, but it is not mandatory.
Several of the Reblaze-maintained Security Profiles are templates (designated by the prefix SPT). If you do not wish to see them on this page, they can be hidden by selecting the Hide Templates checkbox on the upper right. These templates are used by the Create New Site wizard, and can also be assigned to other sites/applications by admins in the Security Profiles section of the Web Proxy page.
Profile Administration
To create a profile, click the Create New button toward the top of the screen, and then choose Profile. Or select an existing one and choose Duplicate, then edit the newly-created copy.
To edit a profile, select it from the list on the left. Its contents will appear in the middle part of the screen.
To add a new Policy to the Profile, select the desired Policy from the Link More Policies list on the right, and click the Add button. To remove an existing Policy from the Profile, click on the X to the right of its name.
In previous versions of Reblaze, a Profile would include one WAF/IPS Policy. Now, a WAF Policy is assigned directly to each resource/location in the Security Profiles section of the Web Proxy page.
Within a Profile, the order of Policies does not matter. When evaluating an incoming request, Reblaze combines the Bypass, Allow, and Deny Rules from all the ACL Policies in the Profile. It evaluates all the Bypass Rules first, then all the Allow Rules, then the Deny Rules.
Most Profile administration will not be possible until the appropriate Policies have been created. Similarly, complete Policy administration will not be possible until there are Rules to add to them.
