Configuring Auto Configuration Engine (ACE)

The Auto Configuration Engine (ACE) analyzes traffic in real time. ACE evaluates traffic patterns and inspects parameters to generate recommendations for Barracuda Web Application Firewall deployments. It calculates various types of recommendations based on the application traffic. The Auto Configuration Engine can be enabled or disabled at both global and service level. Individual recommendation categories can also be enabled or disabled for more granular control.

The recommendations generated by ACE are displayed in three (3) tables:

• Active: Displays all active and unapplied recommendations.
• Ignore: Displays all ignored recommendations.
• Disabled: Displays all disabled recommendation categories.

The Active table provides the recent and unapplied recommendations. You can choose to apply or ignore the recommendation or disable the recommendation category. Based on the option you select, the recommendation is either applied to the Barracuda WAF, or moved to the Ignored/Disabled table. You can later review and apply the recommendations that are in the Ignored table (as per the requirement).

If you disable a recommendation category at service level in the Active table, all recommendations related to that category will be moved under the Disabled table for that service. You can re-enable the respective recommendation category in the Disabled table for the respective service to receive recommendations.

For the global level changes, use the options provided in “Preferences”.

Enable Auto Configuration Engine

1. Go to the BASIC > Recommendations page.
2. In the Auto Configuration Engine section, set Auto Configuration Engine to Enable.
3. Click Save.

Set the Preferences for Recommendations

Parameters in "Preferences" are applied to all services. However, a service can be configured to not receive any further recommendations.

1. In the Auto Configuration Engine section, click Preferences.
2. On the Preferences page, do the following:

• Under Features:
  • Service Mode: Set to Enable to enable the service recommendation. This setting is a global setting and enables the administrator to move a service from the Passive to Active mode.
• Under Security:
  • Request Limits Tuning: When set to Enable, this recommendation provides control over generations of recommendations for various request limits. It also helps in tuning the parameters as per the application traffic.
  • IP Reputation: When set to Enable, this recommendation uses the "Client Fingerprinting" and "Risk Score" service to generate a conclusive score for the incoming request IP address. The service creates an IP reputation list that is used to assess the authenticity of the incoming request.
  • Cookie Security Settings: When set to Enable, this recommendation provides an option to configure all the cookie security-related parameters with the help of recommendations generated based on the respective application traffic.
  • Well-known ADR: When set to Enable, this recommendation helps in creating ACL rules (Allow and log) for the detecting components in well-known space.
  • URL Protection Tuning: When set to Enable, this recommendation category detects the URL parameters in the incoming requests and identifies the parameter limits for the configured application.
  • SSL Errors: When set to Enable, this recommendation helps in identifying the SSL handshake errors and configuring various parameters in the "Applications SSL Security" settings.
• Under Services:
  • Services: A service can be added or removed from the “Enabled” or “Disabled” categories to receive the recommendations. All services that are included in the “Enable” option receive active recommendations. Also, all services included in the “Disable” option do not receive any further recommendations.
    
    A service can be moved from the "Enable" to "Disable" category by using the text-box option. The text-box option displays the service name when you start typing in the drop-down list.

3. Click Save.