For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Marcus_Spitzmil's avatar
Marcus_Spitzmil
Icon for Nimbostratus rankNimbostratus
May 16, 2016
Solved

ASM and TCP based applications

Hello, I am not an F5 expert, but am asking on behalf of a customer. I am trying to find the following:

 

Can ASM be leveraged to inspect application traffic when the application is using a TCP (not HTTP) based access policy? If so, is this out of the box or is there special configuration required? The customer is using Big-IP using F5 for reverse proxy and SSL offload.

 

Any help would (and links) would be greatly appreciated.

 

Thanks, Marcus

 

application delivery
ASM Advanced WAF
BIG-IP
security
  • Yann_Desmarest_'s avatar
    Yann_Desmarest_
    May 16, 2016

    Hello,

     

    ASM is a Web application firewall and is dedicated to the protection of web apps.

     

    You can use the ASM license to protect smtp and ftp services.

     

    If you have a custom TCP app, you have better to go with LTM, irules and IP Intelligence (ip reputation db)

     

    You can find info on devcebtral and askf5.f5.com

     

12 Replies

  • Yann_Desmarest_'s avatar
    Yann_Desmarest_
    Icon for Nacreous rankNacreous
    May 16, 2016

    Hello,

     

    ASM is a Web application firewall and is dedicated to the protection of web apps.

     

    You can use the ASM license to protect smtp and ftp services.

     

    If you have a custom TCP app, you have better to go with LTM, irules and IP Intelligence (ip reputation db)

     

    You can find info on devcebtral and askf5.f5.com

     

    • Marcus_Spitzmil's avatar
      Marcus_Spitzmil
      Icon for Nimbostratus rankNimbostratus
      May 16, 2016
      Thanks a lot for the quick response. In this case it actually is a web app using websockets, which require a TCP based access policy. I am assuming this does not change your answer? Please confirm, then I'll mark your answer. Thanks! Marcus
    • Erik_Novak_2712's avatar
      Erik_Novak_2712
      Historic F5 Account
      May 16, 2016
      The upcoming ASM v12.1 supports WebSocket applications. The standard TCP profile must be used on the virtual server, and then you add a WebSocket profile. Automatic configuration of WebSocket URLs is also configurable.
    • Yann_Desmarest_'s avatar
      Yann_Desmarest_
      Icon for Nacreous rankNacreous
      May 16, 2016
      Hi, Websocket is currently supported using LTM only. As Erik mentioned, you need to wait for the 12.1.0 to be released
  • Yann_Desmarest's avatar
    Yann_Desmarest
    Icon for Cirrus rankCirrus
    May 16, 2016

    Hello,

     

    ASM is a Web application firewall and is dedicated to the protection of web apps.

     

    You can use the ASM license to protect smtp and ftp services.

     

    If you have a custom TCP app, you have better to go with LTM, irules and IP Intelligence (ip reputation db)

     

    You can find info on devcebtral and askf5.f5.com

     

    • Marcus_Spitzmil's avatar
      Marcus_Spitzmil
      Icon for Nimbostratus rankNimbostratus
      May 16, 2016
      Thanks a lot for the quick response. In this case it actually is a web app using websockets, which require a TCP based access policy. I am assuming this does not change your answer? Please confirm, then I'll mark your answer. Thanks! Marcus
    • Erik_Novak_2712's avatar
      Erik_Novak_2712
      Historic F5 Account
      May 16, 2016
      The upcoming ASM v12.1 supports WebSocket applications. The standard TCP profile must be used on the virtual server, and then you add a WebSocket profile. Automatic configuration of WebSocket URLs is also configurable.
    • Yann_Desmarest's avatar
      Yann_Desmarest
      Icon for Cirrus rankCirrus
      May 16, 2016
      Hi, Websocket is currently supported using LTM only. As Erik mentioned, you need to wait for the 12.1.0 to be released