Firewall Management

Provides an overview of firewalls associated with Web application firewall (WAF) policies, including their creation, updating, and deletion.

You can manage the firewalls associated with your WAF policies, including their creation, editing, deletion, and moving to another compartment. You also view all the firewalls associated with a specified WAF policy, or get the details of a specific firewall.

Adding Firewalls

Describes the different methods to add a firewall to a WAF policy.

Use one of the following methods to add a firewall to a WAF policy.
To add a firewall using the Console

Describes how to add a firewall to a WAF policy using the OCI Console.

  1. Open the navigation menu and click Identity & Security. Under Web Application Firewall, click Policies.

    Alternatively, open the Web Application Firewall page and click Policies under Resources.

    The WAF Policies page appears.

  2. Select the Compartment from the list.

    All the WAF policies in that compartment are listed in tabular form.

  3. (Optional) Apply one or more of the following Filters to limit the WAF policies displayed:
    • State

    • Name

    • Policy Type: Select WAF Policy.

  4. Select the WAF policy to which you want to add a firewall.
    The WAF Policy Details dialog box appears.
  5. Click Firewalls under Resources.

    The Firewalls list appears.

  6. Click Add Firewalls.

    The Add Firewalls dialog box appears.

  7. Complete the following:
    • Firewall Name: Enter the name of the firewall.

    • Create in Compartment: Select the compartment that contains the firewall you are creating.

    • Load Balancer:

    • Check Enable WAF Logs to generate logs containing web application firewall security events.
      Note

      WAF logging is an optional feature with associated fees. See ??? for more information.

  8. (Optional) WAF Logs: Apply the following optional configurations to all WAF logs you enabled. You can later update these settings for individual log files in the log details. See Managing Logs and Log Groups for general information on logs.
    • Compartment: Select the compartment where the WAF logs reside from the list.

    • Log Group: Select the log group from the list.

    • Log Retention: Select the length of time log entries are retained in the log file from the list.

  9. Click Add Firewalls.

The Add Firewalls dialog box closes. The firewall you created is included in the Firewalls list.

To add a firewall using the CLI

Describes how to add a firewall to a WAF policy using the CLI.

Enter the following command and required parameters:
oci waf web-app-firewall create-for-load-balancer --compartment-id compartment-id --load-balancer-id load-balancer-id --web-app-firewall-policy-id web-app-firewall-policy-id

See the CLI online help for a list of optional parameters:

oci waf web-app-firewall create-for-load-balancer --help

See oci waf web-app-firewall create-for-load-balancer for a complete description of the command.

To add a firewall using the API

Describes how to add a firewall to a WAF policy using the API.

Run the CreateWebAppFirewall method to create a firewall. See CreateWebAppFirewall for a complete description.

Listing Firewalls

Describes the different methods to display a list of firewalls contained in a WAF policy.

Use one of the following methods to display a list of firewalls contained in a WAF policy.
To list the firewalls using the Console

Describes how to display a list of firewall contained within a WAF policy using the OCI Console.

  1. Open the navigation menu and click Identity & Security. Under Web Application Firewall, click Policies.

    Alternatively, open the Web Application Firewall page and click Policies under Resources.

    The WAF Policies page appears.

  2. Select the Compartment from the list.

    All the WAF policies in that compartment are listed in tabular form.

  3. (Optional) Apply one or more of the following Filters to limit the WAF policies displayed:
    • State

    • Name

    • Policy Type: Select WAF Policy.

  4. Select the WAF policy containing the firewalls you want to list.

    The WAF Policy Details dialog box appears.

  5. Click Firewalls under Resources.

    The Firewalls list appears.

The Firewalls list displayed shows the firewalls associated with the WAF policy.

To list the firewalls using the CLI

Describes how to display a list of firewall contained within a WAF policy using the CLI.

Enter the following command and required parameters:
oci waf web-app-firewall list --compartment-id compartment-id

See the CLI online help for a list of optional parameters:

oci waf web-app-firewall list --help

See oci waf web-app-firewall list for a complete description of the command.

To list the firewalls using the API

Describes how to display a list of firewall contained within a WAF policy using the API.

Run the ListWebAppFirewalls method to list the firewalls. See ListWebAppFirewalls for a complete description.

Getting Firewall Details

Describes the different methods to get the details of a firewall contained within a WAF policy.

Use one of the following methods to get the details of a firewall contained within a WAF policy.
To get the details of a firewall using the Console

Describes how to get the details of a firewall contained within a WAF policy using the OCI Console.

  1. Open the navigation menu and click Identity & Security. Under Web Application Firewall, click Policies.

    Alternatively, open the Web Application Firewall page and click Policies under Resources.

    The WAF Policies page appears.

  2. Select the Compartment from the list.

    All the WAF policies in that compartment are listed in tabular form.

  3. (Optional) Apply one or more of the following Filters to limit the WAF policies displayed:
    • State

    • Name

    • Policy Type: Select WAF Policy.

  4. Select the WAF policy to whose firewall details which you want to get.

    The WAF Policy Details dialog box appears.

  5. Click Firewalls under Resources.

    The Firewalls list appears.

  6. Select the firewall whose details you want to get.

    The Firewall Details dialog box appears.

The Details page contains information about the firewall, both general information and links to its resources. Some items in the page are read-only, while other items allow you to edit and update the firewall configuration.

To get the details of a firewall using the CLI

Describes how to get the details of a firewall contained within a WAF policy using the CLI.

Enter the following command and required parameters:
oci waf web-app-firewall get --web-app-firewall-id web-app-firewall-id

See the CLI online help for a list of optional parameters:

oci waf web-app-firewall get --help

See oci waf web-app-firewall get for a complete description of the command.

To get the details of a firewall using the API

Describes how to get the details of a firewall contained within a WAF policy using the API.

Run the GetWebAppFirewall method to get the details of a firewall. See GetWebAppFirewall for a complete description.

Editing Firewalls

Describes the different methods to edit a firewall contained within a WAF policy.

Use one of the following methods to edit a firewall contained within a WAF policy.
To edit a firewall using the Console

Describes how to edit a firewall contained within a WAF policy using the OCI Console.

  1. Open the navigation menu and click Identity & Security. Under Web Application Firewall, click Policies.

    Alternatively, open the Web Application Firewall page and click Policies under Resources.

    The WAF Policies page appears.

  2. Select the Compartment from the list.

    All the WAF policies in that compartment are listed in tabular form.

  3. (Optional) Apply one or more of the following Filters to limit the WAF policies displayed:
    • State

    • Name

    • Policy Type: Select WAF Policy.

  4. Select the WAF policy to whose firewall you want to edit.

    The WAF Policy Details dialog box appears.

  5. Click Firewalls under Resources.

    The Firewalls list appears.

  6. Select the firewall you want to edit.

    The Firewall Details dialog box appears.

  7. Click Edit.

    Alternatively, click the Actions icon (Action icon) for the firewall and click Edit.

    The Edit Firewall dialog box appears.

  8. Edit the firewall settings. See Adding Firewalls for descriptions of each setting.
  9. Click Save Changes.

The Edit Firewall dialog box closes. The updates you made are present in the details of the firewall.

To edit a firewall using the CLI

Describes how to edit a firewall contained within a WAF policy using the CLI.

Enter the following command and required parameters:
oci waf web-app-firewall update-for-load-balancer --web-app-firewall-id web-app-firewall-id

See the CLI online help for a list of optional parameters:

oci waf web-app-firewall update-for-load-balancer --help

See oci waf web-app-firewall update-for-load-balancer for a complete description of the command.

To edit a firewall using the API

Describes how to edit a firewall contained within a WAF policy using the API.

Run the UpdateWebAppFirewall method to edit a firewall. See UpdateWebAppFirewall for a complete description.

Deleting Firewalls

Describes the different methods to delete from a WAF policy.

Use one of the following methods to delete a firewall from a WAF policy.
To delete a firewall using the Console

Describes how to delete a firewall from a WAF policy using the OCI Console.

  1. Open the navigation menu and click Identity & Security. Under Web Application Firewall, click Policies.

    Alternatively, open the Web Application Firewall page and click Policies under Resources.

    The WAF Policies page appears.

  2. Select the Compartment from the list.

    All the WAF policies in that compartment are listed in tabular form.

  3. (Optional) Apply one or more of the following Filters to limit the WAF policies displayed:
    • State

    • Name

    • Policy Type: Select WAF Policy.

  4. Select the WAF policy whose firewall you want to delete.

    The WAF Policy Details dialog box appears.

  5. Click Firewalls under Resources.

    The Firewalls list appears.

  6. Select the firewall to delete.

    The Firewall Details dialog box appears.

  7. Click Delete.

    Alternatively, click the Actions icon (Action icon) for the firewall and click Delete.

  8. Confirm the deletion when prompted.

The list of firewalls reappears without the firewall you deleted.

To delete a firewall using the CLI

Describes how to delete a firewall from a WAF policy using the CLI.

Enter the following command and required parameters:
oci waf web-app-firewall delete --web-app-firewall-id web-app-firewall-id

See the CLI online help for a list of optional parameters:

oci waf web-app-firewall delete --help

See oci waf web-app-firewall delete for a complete description of the command.

To delete a firewall using the API

Describes how to delete a firewall from a WAF policy using API.

Run the DeleteWebAppFirewall method to delete a firewall. See DeleteWebAppFirewall for a complete description.

Viewing Firewall Metrics

Describes how to view metrics for a firewall contained within a WAF policy using the OCI Console.

  1. Open the navigation menu and click Identity & Security. Under Web Application Firewall, click Policies.

    Alternatively, open the Web Application Firewall page and click Policies under Resources.

    The WAF Policies page appears.

  2. Select the Compartment from the list.

    All the WAF policies in that compartment are listed in tabular form.

  3. (Optional) Apply one or more of the following Filters to limit the WAF policies displayed:
    • State

    • Name

    • Policy Type: Select WAF Policy.

  4. Select the WAF policy to whose firewall metric which you want to view.

    The WAF Policy Details dialog box appears.

  5. Click Firewalls under Resources.

    The Firewalls list appears.

  6. Select the firewall whose details you want to get.

    The Firewall Details dialog box appears.

  7. Click Metrics under Resources.
  8. Specify the date-time group range covered by the metrics by completing the following:
    • Start time

    • End time

    Alternatively, select one of the time spans from the Quick Selects list. The time spans available range from the previous hour to 90 days in the future from that moment.

The Metrics list appears. The list consists of panels displaying metric information on areas such as blocked requests, detected requests, traffic, and response code groups. For each panel, you can select commands from the Options list. These commands include viewing the query in the Metric Explorer, copying the chart URL, copying the query, and viewing the metric information in table view. You can also specify the Interval and Statistic for each chart.

See Monitoring for more information on monitoring and the Metric Explorer. Use the oci_waf namespace when prompted to provide a monitoring namespace.

Listing Firewall Logs

Describes how to view logging information for a firewall contained within a WAF policy using the OCI Console.

  1. Open the navigation menu and click Identity & Security. Under Web Application Firewall, click Policies.

    Alternatively, open the Web Application Firewall page and click Policies under Resources.

    The WAF Policies page appears.

  2. Select the Compartment from the list.

    All the WAF policies in that compartment are listed in tabular form.

  3. (Optional) Apply one or more of the following Filters to limit the WAF policies displayed:
    • State

    • Name

    • Policy Type: Select WAF Policy.

  4. Select the WAF policy to whose firewall logs you want to list.

    The WAF Policy Details dialog box appears.

  5. Click Firewalls under Resources.

    The Firewalls list appears.

  6. Select the firewall whose logs you want to list.

    The Firewall Details dialog box appears.

  7. Click Logs under Resources.

The list of logs is displayed in tabular form. Each log entry includes the log status, links to display the individual log file and the log group to which it belongs. You can also enable or disable the log in each entry. See Logging Overview for general information on logging, including how to name log files and create log groups.

Moving Firewalls Between Compartments

Describes the different methods to move a firewall contained within a WAF policy between compartments.

Use one of the following methods to move a firewall contained within a WAF policy between compartments.
To move a firewall between compartments using the Console

Describes how to move a firewall contained within a WAF policy between compartments using the OCI Console.

  1. Open the navigation menu and click Identity & Security. Under Web Application Firewall, click Policies.

    Alternatively, open the Web Application Firewall page and click Policies under Resources.

    The WAF Policies page appears.

  2. Select the Compartment from the list.

    All the WAF policies in that compartment are listed in tabular form.

  3. (Optional) Apply one or more of the following Filters to limit the WAF policies displayed:
    • Name

    • Policy Type

    • Status

  4. Select the WAF policy to whose firewall you want to move.

    The WAF Policy Details dialog box appears.

  5. Click Firewalls under Resources.

    The Firewalls list appears.

  6. Select the firewall you want to move.

    The Firewall Details dialog box appears.

  7. Click Move Resource.

    Alternatively, click the Actions icon (Action icon) for the firewall and click Move Resource.

    The Move Resource to a Different Compartment dialog box appears.

  8. Select the compartment to which you want to move your firewall from the Choose New Compartment list.
  9. Click Move Resource.

The firewall now appears in the compartment you moved it to.

To move a firewall between compartments using the CLI

Describes how to move a firewall contained within a WAF policy between compartments using the CLI.

Enter the following command and required parameters:
oci waf web-app-firewall change-compartment --compartment-id compartment-id --web-app-firewall-id web-app-firewall-id

See the CLI online help for a list of optional parameters:

oci waf web-app-firewall change-compartment --help

See oci waf web-app-firewall change-compartment for a complete description of the command.

To move a firewall between compartments using the API

Describes how to move a firewall contained within a WAF policy between compartments using the API.

Run the ChangeWebAppFirewallCompartment method to move a firewall between compartments. See ChangeWebAppFirewallCompartment for a complete description.