For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Viv_Richards's avatar
Viv_Richards
Icon for Cirrostratus rankCirrostratus
Jul 07, 2022

Brute Force protection for single parameter like OTP

Brute Force Protection for single parameter This can be achieved with the help of ASM Data Guard & Session tracking 1. Log all request & response to record valid OTP request & invalid OTP request/r...
security
Parham_EJ__F5's avatar
Parham_EJ__F5
Icon for Employee rankEmployee
Jul 11, 2022

Many Thanks for sharing this scenario!

But, it seems that by configuring "Session Tracking" Feature in this manner, We are restricted with regards to the "Associated Violations" in Delay Blocking Section!

Because, we are obliged to filter JUST "Data Guard", and if we want to add other type of Violations, the "Violation Counter" does NOT work properly to count the exact number of JUST "Data Guard" Violations... 

Nikoolayy1's avatar
Nikoolayy1
Icon for MVP rankMVP
Jul 11, 2022

Maybe in the future there will be more options but still with the Data Guard many DLP or brute force attacks can be stopped that a normal WAF rule  will not block them as they are not a real Web attack that has bad request packet by blocking/rate limiting the session for the attacker Ip address/user/Device ID that generates them.