Forum Discussion

Nimbostratus

Feb 16, 2015

ASM module - efficacy testing

Hello everyone, I've deployed an F5 BIG-IP 2000s with LTM and ASM inside my architecture and I need to test the efficacy of Web Application Firewall (ASM module). I've deployed "WebGoat" applica...

Altostratus

Feb 17, 2015

If the logging profile on the virtual server is set to "log illegal requests only" switch it to "log all requests" and generate traffic to confirm that the ASM security policy is in fact seeing the post. If the post is logged examine the request. Are there any violations? Depending on the state of the security policy configuration it is possible for a request to violate the security policy but not get blocked by ASM.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)