Forum Discussion

Nimbostratus

Feb 17, 2011

ASM Policy Blocking

So I am currently trying to determine what is best blocked at the ASM and what to allow to pass to the application security layer. So I realize that some of the blocks at ASM are subjective to what t...

app sec

BIG-IP Access Policy Manager (APM)

security

hoolio

Cirrostratus

Feb 17, 2011

I'd be leery of depending solely on application side validation. It's great if the application does validation, particularly in the framework. But there is always a chance of misconfiguration or errant use of the framework within the application. If the app owners swear up and down they're doing proper validation, I'd still do a pen test to check it before disabling those checks in ASM.

Aaron

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

ASM Policy Blocking

Recent Discussions

BIG-IP VE - qemu on an Apple Silicon Macbook

Minimum connection to guarantee the use of corporate VPNs.

F5 iControl REST API - viewBy Parameter Issue in Analytics Report

Local Traffic Policy rule or irule to bypass the BIG-IP ASM

Is it possible to connect to VPN from a Windows client command line without user interaction?

Related Content

Block IP after a number of ASM Blocks

ASM Policy Report

SSL Orchestrator Advanced Use Cases: Custom Blocking Pages

ASM logs

BigIP ASM can't block Command Execution Attack

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS