Forum Discussion

MR_Freddy (Nimbostratus)
Nov 03, 2019

APM/ASM Exchange ActiveSync Brute Force Protection



We are facing an issue when configuring Brute Force for the Exchange ActiveSync service.


We have a virtual server configured with an APM policy and ASM as well.


We tried to bypass ActiveSync from APM to send the traffic of the login page /Microsoft-Server-ActiveSync to ASM to detect the Brute Force attack, but it did not work properly.


We also tried not bypassing ActiveSync from APM and set the "Max user attempts" feature on the AD Auth Agent to 3 attempts, but that didn't work either.


Also, AD is configured to lock the account after 5 attempts, and we found that APM didn't force the user to log out after 3 attempts, which led to the account being locked on AD.


At the same time, we can't use the Google CAPTCHA option as per requirements, so any help here? How can we achieve brute force mitigation for ActiveSync when we have APM and ASM on the same virtual server?