Forum Discussion

Cirrostratus

Nov 07, 2017

Exchange behind ASM and XSS

Hi i want to know if enabling all "cross site scripting" signatures for exchange can cause false positive alerts/blocks? I want to enable it but afraid of too many false positive blocks. Exchange pub...

application delivery

ASM Advanced WAF

Hannes_Rapp

Nimbostratus

Nov 07, 2017

Can you specify what are those "default ASM templates" you have tried? The template policy you pick must match your application version. Config of a particular policy may work with one software version but not the other. Maybe this could be your problem? Also make sure you have updated to latest revision of ASM Attack Detection Signatures. ASM policy templates provided by F5 for popular applications like Exchange are generally vetted properly and should work out of box.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Exchange behind ASM and XSS

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

SSL Bridging and FQDN rewrite Policy

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

Could not communicate with the system. Try to reload page.

F5 BIG IP laboratory license

F5 mssql health monitor failing

Related Content

Exchange 2016

F5 asm/awaf

Technical Impacts of Open Banking and Financial Data Exchange on Financial Systems

Exchange 2019

File Uploads and ASM

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS