Forum Discussion

hosting-team

Nimbostratus

Sep 26, 2022

BIG-IP AFM DoS Device Protection source IPs logged?

Are the source IPs of a DoS attack logged on the F5 anywhere?

security

AubreyKingF5

Moderator

Oct 04, 2022

Logging on a DoS firewall needs to be carefully dialed in. If we were to turn on source logging by default, a 3DoS could fill a BIG-IP disk in minutes, or even seconds, depending on the attack. Unfortunately, the answer to your question is 'No,' however.. I would highly encourage you to get a dedicated physical link on your F5 - as big as you can get it.. maybe 2 ports per box, aggregated - for logging, if you want to do DoS logging. Then, you need to set up a logging profile:
https://support.f5.com/csp/article/K51266926

That should be enough to point you in the right direction.

Recent Discussions

Is network access bypassing APM logon pages?
Solved
Sep 16, 2024
ThomasP
<apm_do_not_touch> in JS file failing</apm_do_not_touch>
Sep 16, 2024
Michael_Jenkins
Suddenly Can't access Login Box to F5 LTM Via SSH & GUI
Sep 16, 2024
Gmaster97
LTM + GTM on same box
Sep 16, 2024
AshrafKassem
Application drop down menus does not work behind F5 APM Portal Access
Sep 16, 2024
CANANOZDOGANASLAN

Forum Discussion

BIG-IP AFM DoS Device Protection source IPs logged?

Recent Discussions

Is network access bypassing APM logon pages?

<apm_do_not_touch> in JS file failing</apm_do_not_touch>

Suddenly Can't access Login Box to F5 LTM Via SSH & GUI

LTM + GTM on same box

Application drop down menus does not work behind F5 APM Portal Access

Related Content

Protecting the F5 BIG-IP AFM system with AFM Protocol Inspection System Checks

Explore how F5 BIG-IP Advanced WAF protects against attacks on GraphQL API

Re: Get Started with BIG-IP Virtual Edition (VE), BIG-IQ VE or BIG-IP Cloud Edition Trial

Protect Your Kubernetes Cluster Against The Apache Log4j2 Vulnerability Using BIG-IP

Protecting API Access with BIG-IP using OAuth