In the following use case, we use the sitemap and learning capabilities to protect a backend against unwanted accesses.
The workflow executes as follows:
- Setting the attribute "learning" to false, indicating default behaviour : do not learn
- The Sitemap Validation then check the incoming request against the specified sitemap
- Then, the condition check if the request is valid or not
- If the request is valid, proceed with proxy request
- If not valid, another condition check if the client is trustable (for this use case : coming from 192.168.0.0/16)
- If the client is trustable, set the learning attribute to true and then proceed to proxy request
- If the client is not trustable, block him
- A condition after the proxy request will check if learning is required
- If so, the Learning Log will add the request to the learning log database
Updating the sitemap
The learning log node only send a log to the learning logs database. To update your sitemap, you must follows instruction from Learning Logs view and then, apply your tunnel to use the new version of the siteamp.