Starting with this version, WAF Security events per application are also supported in Out-of-Path (OOP) mode. Prior to this version, WAF Security events per application were only supported in inline mode.

These events are sent in CEF format via its event logging module (over TCP/TLS), in the context of the application.

Note: In OOP mode, it is not possible to correlate between the security event and its relevant traffic event. This means that the traffic event in OOP mode will not have security severity due to a WAF attack detected and will not include the WAF transaction ID.

The security events per application can be viewed on the Alteon Cloud Control Application Dashboard, version 1.3.0 and later, but are currently not available on the APSolute Vision Application Dashboard. However, they can be sent to a third-party SIEM.