Forum Discussion

Nimbostratus

Feb 28, 2017

ASM Brute Force Protection for Micro-Soft ActiveSync

Hello All, I have configured F5 ASM Brute force Protection for Microsoft-Server-ActiveSync URL using the session based mitigation method with "Login Attempts form Same Client" value set to 2. ...

ASM Advanced WAF

security

samstep

Cirrocumulus

Mar 28, 2017

I am not a Mobile ActiveSync expert, but it looks like the mobile client is using different URL or username parameter. You need to figure out the difference between a web and mobile client requests by looking at the request logs in ASM and adjust your ASM policy accordingly

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

ASM Brute Force Protection for Micro-Soft ActiveSync

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How APM GET IOS UUID & Andriod MAC

Expired client-certificate

F5 Big-IP Trust Internal CA Chain certificates for Web Servers

XC - geo LB to the origin servers

Floating Ip Problem

Related Content

F5 API Security: Discovery and Protection

L7 DoS Protection with NGINX App Protect DoS

NGINX App Protect v5 Signature Notifications

Cookie-based DDoS protection

Beyond REST: Protecting GraphQL

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS