Forum Discussion

saidshow_251381's avatar
saidshow_251381
Icon for Cirrostratus rankCirrostratus
Dec 07, 2016

Can I use the F5 for Rate Limiting?

I had been looking at the Session Tracking in ASM previously hoping that it would be able to perform rate limiting. Unfortunately it seems that in order for any lockout to occur via Session Tracking in ASM, a threshold of policy violations needs to be triggered. This is a great feature however not what I am looking for. In the event that a user is spamming or replaying valid requests back to the application, we would want to lockout that user or at least slow them down.

 

Is there some way that the F5 can be utilised to perform rate limiting from an individual eg. session based etc.

 

  • I tested session tracking, iRules and DoS profiles. For what I want to do the DoS profiles suit best. The limitation I had with session tracking is that this requires a threshold of policy violations to be triggered - replaying valid traffic would never trigger a violation. When I tried rate limiting with iRules, I was blocking all traffic to the app once a single offender passes the threshold. DoS profiles have plenty of options and configurability. When a user passes the threshold, that user is locked out and no-one else is. There are great options for a range of different things in there too.

     

  • I tested session tracking, iRules and DoS profiles. For what I want to do the DoS profiles suit best. The limitation I had with session tracking is that this requires a threshold of policy violations to be triggered - replaying valid traffic would never trigger a violation. When I tried rate limiting with iRules, I was blocking all traffic to the app once a single offender passes the threshold. DoS profiles have plenty of options and configurability. When a user passes the threshold, that user is locked out and no-one else is. There are great options for a range of different things in there too.