Rules are grouped and included in rule sets on the appliance. A rule can never stand on its own; it must be included in a rule set.
A rule set can include just a single rule or several of them. It can also include one or more nested rule sets. If it includes nested rule sets, it can include individual rules on the same level as the nested rule sets.
Rule sets usually include rules that work together to provide a particular function for ensuring web security.
For example, a virus and malware filtering rule set will include a rule that blocks infected objects and one or several others that whitelist objects to let them skip the blocking rule and ensure users can access them.
You can modify the implemented rule sets and create rule sets of your own to build functional units in whatever way is suitable for your network.
Rule set criteria
Like rules, rule sets have criteria and are applied if their criteria match.
Usually, the criteria of a rule set differ from those of its rules. For a rule to apply, both its own criteria and the criteria of its rule set must match.
Rule set cycles
Rule sets are processed, with their rules, in the three cycles of the filtering process.
A rule set can be processed in any combination of these cycles, for example, only in the request cycle, in both the request and response cycles, or in all three cycles.
The cycles of a rule set are at the same time those of the individual rules it includes. A rule cannot differ with regard to cycles from its rule set.
Nested rule sets
Rule sets can have other rule sets nested within them. A nested rule set has its own criteria.
Regarding cycles, it can only be processed in the cycles of the nesting rule set, but need not be processed in all of them.
This way, a nested rule set can be configured to deal especially with a particular cycle, while another nested rule set deals with a different cycle.
For example, a media type filtering rule set could apply to all cycles, but have nested rule sets that are not processed in all of them.
Media Type Filtering rule set (for requests, responses, and embedded objects)
- Nested rule set Media Type Upload (for requests)
- Nested rule set Media Type Download (for responses and embedded objects)
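
The criteria and cycle behavior described above can be checked with a small Python model. This is an added example, not appliance code or the product's rule syntax; the class, function, cycle and rule names are hypothetical, and the sample transactions are constructed.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, FrozenSet, List, Union

ALL_CYCLES = frozenset({"request", "response", "embedded_object"})
Criteria = Callable[[Dict[str, str]], bool]
always: Criteria = lambda tx: True

@dataclass
class Rule:
    name: str
    criteria: Criteria

@dataclass
class RuleSet:
    name: str
    cycles: FrozenSet[str]
    criteria: Criteria
    items: List[Union[Rule, "RuleSet"]] = field(default_factory=list)

def cycle_violations(rs: RuleSet, allowed: FrozenSet[str] = ALL_CYCLES) -> List[str]:
    """Names of rule sets configured for a cycle their nesting rule set lacks."""
    bad = [] if rs.cycles and rs.cycles <= allowed else [rs.name]
    for item in rs.items:
        if isinstance(item, RuleSet):
            bad += cycle_violations(item, rs.cycles)
    return bad

def applicable_rules(rs: RuleSet, cycle: str, tx: Dict[str, str]) -> List[str]:
    """Rules that apply to tx in this cycle, in configured order."""
    if cycle not in rs.cycles or not rs.criteria(tx):
        return []  # rule set skipped, so none of its rules or nested sets apply
    hits: List[str] = []
    for item in rs.items:
        if isinstance(item, RuleSet):
            hits += applicable_rules(item, cycle, tx)
        elif item.criteria(tx):
            hits.append(item.name)
    return hits

def is_exe(tx: Dict[str, str]) -> bool:
    return tx.get("media_type") == "application/x-msdownload"

# Constructed sample mirroring the Media Type Filtering layout above.
upload = RuleSet("Media Type Upload", frozenset({"request"}), always,
                 [Rule("Block executable upload", is_exe)])
download = RuleSet("Media Type Download", frozenset({"response", "embedded_object"}),
                   always, [Rule("Block executable download", is_exe)])
media = RuleSet("Media Type Filtering", ALL_CYCLES, always, [upload, download])
```

Running `cycle_violations` over a configuration before deployment flags any nested rule set that claims a cycle its nesting rule set does not have, in which it would never be processed.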