PoC related stuff

POC procedures

Installation & Config

Step 1: Install patches (verified patches before using for POC)

Step 2:

Issue

POC Issues

Usecase

Blocking, Redacting and Rewrite

Prerequisites for Session Policy

This usecase require enabling Guardium S-Gate, follow below guide to enable:

Manage -> Module Installation -> Set up by Client

Important: The S-GATE SESSION policy rule actions require setting firewall_default_state=2 in the S-TAP configuration. For more information about the firewall_default_state setting, see S-TAP configuration firewall parameters.

Pasted image 20240725113022.png

Settings for Redact & Rewrite features

To have these features, use Extrusion rule type
How to enable Extrusion:

  1. Login to the graphical user interface of a Collector appliance, where the required Policy will be changed. Use admin privileges.
  2. Navigate to "Manage > Activity Monitoring > Inspection Engines".
  3. Mark the Inspect Returned Data checkbox.
  4. Click the Apply button, in order to save the Inspection Engines configuration.
  5. Finally, click Restart Inspection Engines to make the configuration effective.