ProtocolHeaderRiskCondition

Protocol header risk condition policy restricts the application of a policy to access requests based on the HTTP protocol properties stored in the requests.

Description

Description of the configuration object

Type (required)

The type of risk condition according to the data that it stores and evaluates when this condition is called.

  • Allowed Values:

    • RESOURCE_SENSITIVITY

    • TIME_RANGE

    • IP_RANGE

    • PROTOCOL_HEADER

    • USER_ATTRIBUTE

    • CALLOUT

    • LOGIN_INTERVAL

    • LOGIN_FAILURES

    • USER_CONTEXT_AWARE

Risk level

The risk level is a number added to a request when a condition evaluates to true. The higher the risk level number, the bigger the threat.

Do negate result after evaluation

Whether or not the condition is evaluated and the result is then negated, which results in an opposite condition. This option is useful, for example, when specifying complements of data ranges. This option has no effect for following types of conditions: callouts conditions, resource sensitivity conditions, user-context-aware conditions.

Do assign risk level if condition can’t be evaluated

Whether or not the risk level specified for this condition is used even when the condition cannot be evaluated from either insufficient information in request or user data or due to an application error. The risk level is not processed for USER_CONTEXT_AWARE, LOGIN_FAILURES, LOGIN_INTERVAL and USER_ATTRIBUTE conditions if there is no server subject. This option has no effect for following types of conditions: resource sensitivity conditions, user-context-aware conditions.

Name

The protocol header name.

Value

The matching value of the protocol header. This field accepts regular expression syntax. For example, .*Mozilla.* is a valid value declaration if the 'Using regular expressions' option is checked.

Do process value as regular expression

Whether or not the 'Value' field is processed as a regular expression.