F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

toneman172_1806's avatar
toneman172_1806
Icon for Nimbostratus rankNimbostratus
Nov 22, 2017

Brute Force Protection

Hello, When configuring brute force protection on v12.1.2, it seems session-based protection overrides dynamic protection since a user will be blocked after the 'Login Attempts From The Same Client' ...
ASM Advanced WAF
security
nathe's avatar
nathe
Icon for Cirrocumulus rankCirrocumulus
Nov 24, 2017

Toneman172,

 

Session and dynamic based are mitigating two different scenarios so won't necessarily compete with each other.

 

Session based centres on cookies with a malicious user repeatedly attempting to login with same browser session on the same client.

 

Dynamic is more relevant to tool based attacks which don't use cookies so won't trigger session based attacks. Here asm is looking for high threshold attacks, most like from different IPs.

 

Also, session will send a blocking page in a http response so is a client mitigation and not one simply blocking an IP address.

 

Hope this helps,

 

N

 

Related Content