For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

draco_184361's avatar
draco_184361
Icon for Nimbostratus rankNimbostratus
Dec 28, 2017

Couple of questions regarding ASM.

1) if i choose enforcement readiness to 7 days, then after 7 days will the enforcement mode change from transparent to blocking automatically ? or does it just mean the system starts suggesting the entities and attack signatures are to be enforced or not ?

 

2)For SSO authentication , is there any protection that can be given from ASM ?

 

3)Has any deployed ASM for open text based CMS ?

 

4) For NTLM authentication used on application, what are the protection that can be done on ASM ?

 

Do Reply and thanks!

 

application delivery
ASM Advanced WAF
BIG-IP
security

1 Reply

  • Srini_87152's avatar
    Srini_87152
    Icon for Cirrostratus rankCirrostratus
    Dec 28, 2017

    1) if i choose enforcement readiness to 7 days, then after 7 days will the enforcement mode change from transparent to blocking automatically ? or does it just mean the system starts suggesting the entities and attack signatures are to be enforced or not ?

     

    it wont block until you update policy as block mode, the period just suggest entities and attack signatures.

     

    2)For SSO authentication , is there any protection that can be given from ASM ? i dont think any specific thing on ASM,mostly it should be via APM

     

    3)Has any deployed ASM for open text based CMS ? not sure

     

    4) For NTLM authentication used on application, what are the protection that can be done on ASM ? normally, start with default ASM signatures and based on event logs keep update all you files,parameters,ips etc to blcok...