UI Overview and Common Elements

Features and conventions found throughout the user interface

The Link11 WAAP UI has several main parts:

In the left-hand sidebar, there is the console menu. By default, it is collapsed; it will slide out when clicked on, or the ">" button is selected.
The right-hand part of the window varies, depending on what the user has selected. If traffic analytics are not currently displayed, typically this will be a List page or an Editor page.
Most pages have common UI elements, described below.
Most pages have a section for versioning.

These parts are described below, along with a discussion of how L11WAAP is configured and administered through the UI, and some common UI elements that are found throughout the interface.

This consists of the following sections:

Analytics
Security
Sites
System

The first section contains L11WAAP's reporting capabilities. The others are for configuring L11WAAP.

Configuration and Administration

The configuration sections use a common structure for administration, with two types of pages:

List page: Displays all the entries for that configuration type.
Editor page: Provides the ability to edit a specific entry.

List page administration

Most L11WAAP settings are collections of individual entries. The List page allows admins to manage these collections.

Viewing entries

When a configuration type is selected in the sidebar menu (e.g., Global Filters, shown above), its List page is shown. By default, it shows all the current entries for that configuration type.

The display can be filtered by selecting the funnel icon on the upper right. The list can be downloaded by selecting the download button next to the funnel.

Adding an entry

To add a new entry, select the "+ New" button at the top right of the list.

After adding an entry, publish the changes.

Deleting an entry

Deleting an entry can be done from the list of entries, or from the entry's Editor page.

From the list, hover the cursor over the entry, then select the trash icon that appears at the end of the entry.
From the Editor page, select the "Delete" button at the top.

You will be asked to confirm the deletion.

After deleting an entry, publish the changes.

Editing an entry

Hovering the cursor over an entry in the list will reveal an "edit" icon at the right end of the entry. Select this to open that entry in the appropriate Editor page.

Editor pages

Editor pages allow admins to manage individual entries within a collection of configuration settings.

Selecting the "<-" button on the upper left will navigate back to the List page.

Selecting the entry being displayed

Within an Editor page, the entry being displayed can be changed by selecting the pulldown list at the upper left. (The name shown for the currently-displayed entry is part of the pulldown list.)

Modifying an entry

After editing an entry, be sure to save your changes with the "Save" button at the top of the Editor page, and then publish the changes.

Note that if you make configuration changes, but do not select the "Save" button before navigating to a different page, your changes will not be retained, and you will not be prompted or asked to confirm.

Duplicating an entry

To clone the entry being displayed, select the "Duplicate" button on the upper right.

Downloading an entry

To download the information in the entry being displayed, select the "Download" button on the upper right.

Deleting an entry

To delete the entry being displayed, select the "Delete" button on the upper right. As mentioned above, entries can also be deleted from the appropriate List page.

Versions and Branches

L11WAAP maintains versions for most of its configuration data. Admins can roll back or forward to a different version at any time.

Versioning

Within the UI, most pages contain a Version History section at the bottom.

This section displays previous versions of configurations, and allows you to revert/restore the system to any saved configuration. By default, it is collapsed:

Expanding it reveals its contents:

To select a different version, hover the cursor over the end of the desired configuration's entry. A button will appear with an icon representing the "restore" operation.

Select this button. Once the process is complete, publish.

List and Table Filters

Throughout the interface, there are various lists and tables. Most of them have filter fields: text boxes at the top of each column, which will accept expressions to filter the displayed entries.

Here's an example of the Global Filters list, with crawler entered into the filter for the Name column:

As shown here, entering an expression will filter the results to display only matching entries, if any. Multiple filter fields can be used simultaneously; they will be combined with a logical AND.

The filter fields support regex.

Tag selector

Many settings include tags, as in this Security Policy example:

The dropdown list allows admins to add one or more user tags. Below the list, the system tags are displayed.

Administration and management of tags is described in detail here: Tagging.

Include and Exclude Filter Lists

The Editor pages for some types of security rules (Dynamic Rules, Flow Control Policies, and Rate Limit Rules) contain two lists labeled Include and Exclude.

By default, a security rule will be enforced for all incoming requests within its scope. The Include and Exclude lists can be used to limit the scope of this enforcement.

Each list can contain one or more tags:

If the Exclude list contains any tags, a request is exempted from enforcement if it matches the list.
If the Include list contains any tags, a request is exempted from enforcement unless it matches the list.

What it means to "match" the list

Rate Limit Rules and Dynamic Rules have or/and selectors for their Include and Exclude tag lists. These selectors become visible when more than one tag has been added to a list.

When a list is set to or, a request will match if it contains any of the tags in the list.
When a list is set to and, a request will match only if it contains all of the tags in the list.

Note that for any security rule, its two lists are separate, and can be set to different modes.

Flow Control Policy tag lists do not have or/and selectors. These lists operate in or mode; therefore, a request will match a list if it contains any of the tags in the list.

Important details about the Include/Exclude process

The Exclude list is evaluated before the Include list, and takes priority. See example below.
The Include list is not exhaustive. In other words, for the security rule to be enforced, all of the request's tags do not need to be listed in Include. However, if the Include list contains any tags, the request must have at least one (in OR mode) or all (in AND mode) of them, for it to be subjected to enforcement.
An empty Include list is treated as if it contains all. This is a system tag that all requests have. In other words, by default, the security rule will be enforced on every request (unless the request matches the Exclude list).

As mentioned above, Exclude takes priority over Include. Example: a request has been tagged withfoo. A security rule has Includefooand Excludeall. The request will be excluded from evaluation by this rule.

To add a tag to a list, select the "+" button. To remove a tag, hover the cursor over it and select the "x" that appears on it. To remove all tags, hover the cursor over the tag list and select the "X" that appears at the end of the list.

PreviousTagging NextAnalytics

Last updated 3 days ago