ASM and ADFS

Question

Hi&nbsp;
I am deploying LTM for balancing ADFS. As ADFS is using https customer has asked if ASM inspection is possible and if it would add any value.&nbsp;
Is anybody able to help answer to this?&nbsp;
Thanks in advance&nbsp;

nathe · Answer

Paul, I haven't done this myself, but my general opinion is if a http(s) service is published on the internet then a WAF will, in most cases, offer some protection and I would recommend it. This would be to prevent against known http rfc violations and general attacks, like xss. &nbsp;
A quick search on ADFS vulnerabilities returned this CVE  which is a XSS vulnerability. So, a WAF in a purely negative model of security would help. &nbsp;
Hope this helps,&nbsp;
N&nbsp;

Forum Discussion

ASM and ADFS

Recent Discussions

Diameter iRules attachment?

Source IP F5 DNS Zone Forwarder

F5 BIG-IP

BIG-IP Oauth Client and AS

How to Renew F5 Device Certificate

Related Content

ADFS Proxy, APM, ASM Craziness

ADFS Proxy Replacement on F5 BIG-IP

Big-IP and ADFS Part 5 – “Working with ADFS 3.0 and SNI”

Big-IP and ADFS Part 2 - APM: An Alternative to the ADFS Proxy

Big-IP and ADFS Part 1 – “Load balancing the ADFS Farm”

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS