Dell SonicWALL Secure Mobile Access 8.5Administration Guide 295Figure 47. Monitoring Page After BlockingRules are matched against both inbound and outbound HTTP(S) traffic. When all rules in a rule chain find amatch, the action defined in the rule chain is done. You can also enable rate limiting in rule chains to trigger anaction only after the number of matching attacks exceeds a threshold within a certain time period. You canconfigure the action to block the traffic and log the match, or to simply log it. You can also set the action toDisabled to remove the rule chain from active status and stop comparing traffic against those rules.The Custom Rules feature can be enabled or disabled using the Enable Custom Rules global setting.Configuring Application ProfilingYou can create URL profiles by putting the SMA/SRA appliance into learning mode while applications are in useby trusted users, and then use those URL profiles to generate rule chains that prevent malicious misuse of theapplications.To configure application profiling and automatically generate rules:1 Navigate to the Web Application Firewall > Rules page.2 Under Application Profiling, select one or more portals with the application(s) to be profiled from thePortals drop-down list. Use Shift+click or CTRL+click to select multiple portals.NOTE: Rule chains are enforced in the order that the rule chains were added. This order can be changedby deleting and re-creating rule chains.Similarly, rules within rule chains are enforced in the order that the rules were added. This order can bechanged by deleting and re-creating rules.NOTE: Application profiling is supported only on the SMA 400, SRA 4600, and SMA 500v Virtual Appliance.
