Access rules for Outlook Web App

Hello,

 

I am new to F5 and have a couple of questions regarding Access Policy Manager.

 

 

1. Is there a way to limit accessible URLs patterns and available file types when publishing Outlook Web Access via APM?

 

How can it be done with APM?

 

As an example, I would like to disallow some invalid characters and bad patterns like ".." which were frequently exploited on IIS in the past for escaping published directories.

 

 

2. Microsoft Forefront UAG comes with a pre-configured set of such rules for different Exchange versions.

 

Is there a similar set of pre-configured Exchange rules that exist for F5?

 

I can try to export the UAG rule set, but an existing F5 set would save me some days of programming and testing.

 

 

3. Is there a way to implement wit APM a brute force attack and account lockout protection for OWA?

 

This is to prevent an external attacker from trying passwords and locking accounts.

 

 

Thank you in advance for you help