UI Overview and Common Elements

The Link11 WAAP UI has several main parts:

• In the left-hand sidebar, there is the . By default, it is collapsed; it will slide out when clicked on, or the ">" button is selected.

• The right-hand part of the window varies, depending on what the user has selected. If are not currently displayed, typically this will be a or an .

• Most pages have common UI elements, described below.

• Most pages have a section for .

These parts are described below, along with a discussion of how L11WAAP is configured and administered through the UI, and some common UI elements that are found throughout the interface.

Console Menu

This consists of the following sections:

• Analytics

• Security

• Sites

• System

The first section contains L11WAAP's reporting capabilities. The others are for configuring L11WAAP.

Configuration and Administration

The configuration sections use a common structure for administration, with two types of pages:

• List page: Displays all the entries for that configuration type.

• Editor page: Provides the ability to edit a specific entry.

List page administration

Most L11WAAP settings are collections of individual entries. The List page allows admins to manage these collections.

Viewing entries

The display can be filtered by selecting the funnel icon on the upper right. The list can be downloaded by selecting the download button next to the funnel.

Adding an entry

To add a new entry, select the "+ New" button at the top right of the list.

Deleting an entry

Deleting an entry can be done from the list of entries, or from the entry's Editor page.

• From the list, hover the cursor over the entry, then select the trash icon that appears at the end of the entry.

• From the Editor page, select the "Delete" button at the top.

You will be asked to confirm the deletion.

Editing an entry

Hovering the cursor over an entry in the list will reveal an "edit" icon at the right end of the entry. Select this to open that entry in the appropriate Editor page.

Editor pages

Editor pages allow admins to manage individual entries within a collection of configuration settings.

Navigation

Selecting the entry being displayed

Within an Editor page, the entry being displayed can be changed by selecting the pulldown list at the upper left. (The name shown for the currently-displayed entry is part of the pulldown list.)

Modifying an entry

Duplicating an entry

To clone the entry being displayed, select the "Duplicate" button on the upper right.

Downloading an entry

To download the information in the entry being displayed, select the "Download" button on the upper right.

Deleting an entry

To delete the entry being displayed, select the "Delete" button on the upper right. As mentioned above, entries can also be deleted from the appropriate List page.

Versions and Branches

L11WAAP maintains versions for most of its configuration data. Admins can roll back or forward to a different version at any time.

Versioning

Within the UI, most pages contain a Version History section at the bottom.

This section displays previous versions of configurations, and allows you to revert/restore the system to any saved configuration. By default, it is collapsed:

Expanding it reveals its contents:

To select a different version, hover the cursor over the end of the desired configuration's entry. A button will appear with an icon representing the "restore" operation.

List and Table Filters

Throughout the interface, there are various lists and tables. Most of them have filter fields: text boxes at the top of each column, which will accept expressions to filter the displayed entries.

Here's an example of the Global Filters list, with crawler entered into the filter for the Name column:

As shown here, entering an expression will filter the results to display only matching entries, if any. Multiple filter fields can be used simultaneously; they will be combined with a logical AND.

Tag selector

Include and Exclude Filter Lists

By default, a security rule will be enforced for all incoming requests within its scope. The Include and Exclude lists can be used to limit the scope of this enforcement.

Each list can contain one or more tags:

• If the Exclude list contains any tags, a request is exempted from enforcement if it matches the list.

• If the Include list contains any tags, a request is exempted from enforcement unless it matches the list.

What it means to "match" the list

Rate Limit Rules and Dynamic Rules have or/and selectors for their Include and Exclude tag lists. These selectors become visible when more than one tag has been added to a list.

• When a list is set to or, a request will match if it contains any of the tags in the list.

• When a list is set to and, a request will match only if it contains all of the tags in the list.

Note that for any security rule, its two lists are separate, and can be set to different modes.

Flow Control Policy tag lists do not have or/and selectors. These lists operate in or mode; therefore, a request will match a list if it contains any of the tags in the list.

Important details about the Include/Exclude process

• The Exclude list is evaluated before the Include list, and takes priority. See example below.

• The Include list is not exhaustive. In other words, for the security rule to be enforced, all of the request's tags do not need to be listed in Include. However, if the Include list contains any tags, the request must have at least one (in OR mode) or all (in AND mode) of them, for it to be subjected to enforcement.

• An empty Include list is treated as if it contains all. This is a system tag that all requests have. In other words, by default, the security rule will be enforced on every request (unless the request matches the Exclude list).

To add a tag to a list, select the "+" button. To remove a tag, hover the cursor over it and select the "x" that appears on it. To remove all tags, hover the cursor over the tag list and select the "X" that appears at the end of the list.