F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

soymanue's avatar
soymanue
Icon for Nimbostratus rankNimbostratus
Aug 20, 2013

BEAST ATTACK

Has the Beast Attack vulnerabilty been solved with 11.4 version? http://support.f5.com/kb/en-us/solutions/public/13000/400/sol13400  
deployment
security
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Aug 20, 2013

Have you seen this:

 

F5 Threat Mitigation: BEAST

 

Enforcing TLSv1.2 is one option, but ultimately to protect against the underlying CSRF and not alienate a bunch of customers that can't support TLSv1.2, you need a web application firewall like ASM.