It is not always easy to determine which server technologies apply to the applications for which you are creating security policies. Server technologies can be server-side applications, frameworks, programs, web servers, operating systems, and so on, and they are associated with one or more sets of attack signatures that can be added to the policy. This allows you to assign a more selective set of attack signatures to the policy, that is, signatures that specifically apply to the technologies used in the application being protected.

When you first create a security policy, you have the opportunity to select server technologies that you know about. Once the policy is created, you can have it automatically detect server technologies. In this case, the policy can detect appropriate server technologies, and can continue to detect new server technologies if the back-end server infrastructure changes, if new systems are added, or if an attack signature update adds a new server technology that is appropriate for the policy.

The system can automatically detect the server technology on Request headers and payloads only when a successful response code is received (1xx/2xx/3xx). For Responses, server technology can be detected only if "Content-Type" header is in the response. The system also learns technologies from error responses, such as 4xx and 5xx status codes (even if they are not listed in the HTTP Response Status Codes used to learn traffic in the Learning and Blocking Settings).

You can also manually add server technologies to the policy if you determine that certain ones are appropriate for the applications being protected and want to apply them right away.

1. On the Main tab, click Security > Application Security > Policy Building > Learning and Blocking Settings .
   The Learning and Blocking Settings screen opens.
2. In the Policy Building Settings area, expand Server Technologies and select Enable Server Technology Detection.
3. Click Save to save your settings.
4. Click the arrow next to Enable Server Technology Detection.
   The Policy: Server Technologies screen opens where you can see which server technologies are applied to the current security policy.
5. Click Add Server Technology to see the server technologies that are discoverable, and select any that you know apply to the applications being protected, and click Save.
   If manually adding a server technology that has implied technologies, you see a notification that lists the additional server technologies that will be added. For example, if you add ASP.NET, IIS and Microsoft Windows are also included.
6. In the editing context area, click Apply Policy to put the changes into effect.