For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

mohammad_khalee's avatar
mohammad_khalee
Icon for Nimbostratus rankNimbostratus
Oct 20, 2013

ASM

is the ASM has the ability to protect the published web site from the defacement? if yes I Need the steps please .  
deployment
security
Mike_Maher's avatar
Mike_Maher
Icon for Nimbostratus rankNimbostratus
May 01, 2014

The ASM has a lot of ability and various ways to perform protection. I also would recommend reading the series written by John Wagon. It was a 10 part series and goes through some of the various levels of protection. Also you may want to for some white papers and read through them as well.

 

Just at a high level here are some of the things you can do with ASM.

 

  1. Restrict access to only certian file types, URLs and parameters (as well as checking the input for those parameters)
  2. Utilize Attack Signatures to check for known malicious traffic
  3. Check for malformed traffic by using HTTP Compliance
  4. Look Evasion Techniques
  5. Provide DoS protection
  6. Look for Web Scraping, XSS, and clickjacking
  7. GeoLocation restriction and IP Reputation (the later requires extra licensing)

Really if you build a solid white listing policy and re enforce that with the negative security checking of Attack Sigantures, Anomaly Detection, and IP restriction you can limit your exposure to most attacks.