Forum Discussion
ghost-rider,
In essence the Rapid Deployment Template is just a negative security policy with Dataguard and http/cookie RFC protections really.
URL, parameter and file types are not learned/tightened and they just use the wildcard. Of course you can change this but, by default, this is the setting.
For learning speed, unlike Automatic Policy Builder it will Learn everything it sees, if in Policy Blocking Settings the violation is set to Learn e.g. Attack Signatures (but not illegal file type, for example, as the wildcard is in use). You'll see learned suggestions in the Manual Traffic Learning section.
Might I recommend Manual policy building without using a template. This way you can set how you want file types/urls and parameters to be tightened etc... and get a fuller picture of your web app/app security by testing the application.
Hope this helps,
N