We have Citrix Knowledge Base (KB) articles and application guides on this topic, but because we want to spread the goodness of Application Firewall (AppFW) :-), it seemed worth blogging about as well. If you have access to our support site, links to the same information are available below.
There are two options when creating an AppFW profile from the Add Profile menu: Basic and Advanced.
Having these two options gives the user the flexibility to choose the learning mode and the types of security to enable. If the user chooses Basic when creating the profile, learning mode is not enabled by default, although the user can always switch it to learning mode later as needed. See the capture below for the Basic profile:
If the user chooses Advanced when creating the profile, learning mode is enabled by default. In addition, for the Advanced profile, the only security check that is disabled is Credit Card protection. As with the Basic profile, this profile can be changed as needed. Here is the capture for the Advanced profile:
Another point to note is that security checks are disabled in the Basic Application Firewall profile. These checks are in the Advanced profile. When the client submits the form in a subsequent request, it is checked for inconsistencies before the information is sent to the web server. This concept is referred to as sessionization. A list of where NetScaler AppFW performs the security checks can be found in the following KB articles:
If you do not have access to the above links, it is best to work with your Citrix representative to ensure you have access to the Citrix support site and/or up-to-date maintenance support.
As an additional note, while users can go to the AppFW Profile menu to add Basic or Advanced profiles, they can also use the AppFW wizard menu to create the same profiles without distinguishing between Basic and Advanced modes. The AppFW wizard lets the user choose learning modes as well as more advanced protections in the same easy, step-by-step menu. It comes down to the customer’s preference for using the wizard or creating profiles from the Profile menu. Here is a capture of one of the steps from the wizard menu: