Security Policy Settings
Explains how to configure security policies in DeepFinder.
Security policies are broadly set based on Domain and URL. Major policies include URL Restriction, Cookie Encryption, Method Control, Header Field Inspection, Security Pattern Detection, and IP Access Control.
Overview
Security policies are applied and operated at the Domain Group level. Generally, one Agent is mapped to one domain group. However, if an Agent is mapped to multiple domain groups, you must accurately identify the group containing the target domain before configuration.
Additionally, security policies are divided into Domain Security Policy and URL Security Policy depending on the scope of application.
- Domain Security Policy: Applied collectively to the entire domain group. It mainly manages security settings for HTTP protocol headers and additional options within the group.
- URL Security Policy: Applies detailed security settings (request/response data inspection, etc.) specific to certain URL paths within the domain group. Therefore, before configuring this policy, you must first select the path to apply from the [Policy URL] list on the left.
The detailed security policy items supported by DeepFinder are as follows:
| Category | Detailed Policy Items |
|---|---|
| Domain Security Policy | Domain Default Policy |
| Default Limit Policy | |
| Error Page Settings | |
| DoS Protection Policy | |
| Header Field Name Policy | |
| Header Field Value Policy | |
| Method Policy | |
| Cookie Security Policy | |
| URL Restriction Policy | |
| URL Security Policy | URL Default Limit Policy |
| Security Pattern Policy | |
| Data Leakage Prevention Policy | |
| IP Access Policy | |
| Upload Policy | |
| File Pattern Policy | |
| POST Attack Policy | |
| File Inspection Policy | |
| Brute Force Attack |
All security policies operate according to specified priorities. Please refer to the Policy Priority document for the detailed order.
Descriptions of the Action and Log Type that must be specified when configuring policies are as follows:
| Action | Description |
|---|---|
| NONE | Does not apply the policy. |
| ALLOW | Immediately allows the session if it matches the policy rule. Skips checking lower-priority rules in the current policy and proceeds to the next stage of security policy (module). (e.g., If a jpg file is ALLOWed in the Upload Policy, subsequent upload blocking rules are skipped, and the process moves directly to the next stage, such as 'Upload File Size' check.) |
| DENY | Immediately blocks the session if it matches the policy rule. |
| REDIRECT | Redirects to a specified block page if it matches the policy rule. ※ Redirection page setting path: Policy Settings > Domain Security Policy > [Error Page] > (Program Block Page) |
| DETECT | Records a detection log only if it matches the policy rule, and continues to check the next policy without blocking. |
| MASK | Masks the string matching the policy rule (pattern) with asterisks (*) to protect sensitive information. |
| BYPASS | Skips all security policy checks and allows the session to pass. (Internally acts similarly to a whitelist in the Domain IP Policy.) |
| Log Type | Description |
|---|---|
| NONE | Does not record a log. |
| LOW | Briefly records only essential summary information. |
| FULL | Records a detailed log including HTTP Header and Body information in addition to the LOW information. |