F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Nuruddin_Ahmed_'s avatar
Nuruddin_Ahmed_
Icon for Cirrostratus rankCirrostratus
Nov 06, 2017

Exchange behind ASM and XSS

Hi i want to know if enabling all "cross site scripting" signatures for exchange can cause false positive alerts/blocks? I want to enable it but afraid of too many false positive blocks. Exchange pub...
application delivery
ASM Advanced WAF
Hannes_Rapp's avatar
Hannes_Rapp
Icon for Nimbostratus rankNimbostratus
Nov 07, 2017

Can you specify what are those "default ASM templates" you have tried? The template policy you pick must match your application version. Config of a particular policy may work with one software version but not the other. Maybe this could be your problem? Also make sure you have updated to latest revision of ASM Attack Detection Signatures. ASM policy templates provided by F5 for popular applications like Exchange are generally vetted properly and should work out of box.