Exchange server extended protection and BigIP

Question

i have exchange server secured by WAF, i need to enable extended protection as below :

https://learn.microsoft.com/en-us/exchange/plan-and-deploy/post-installation-tasks/security-best-practices/exchange-extended-protection?view=exchserver-2019#enabling-extended-protection

so does WAF support this? i mean is there anything i have to change from WAF?

f5admin2024 · Answer

same here, same situation.&nbsp;any ideas?

jhduke · Answer

Same problem but different implementation. I'm front-ending and external connection inbound to Exchange via EWS to pull mailbox info. Once EP was enabled it broke the NTLMv2 auth via APM.... Looking for a way to capture the user account making the request to allow/deny based on the user. Exchange is looking for NTLM auth so basic on APM for EWS won't work...&nbsp;

juergen_mang · Answer

Extended protection is not supported: https://community.f5.com/discussions/technicalforum/cve-2024-21410/328785

p_kueppers · Answer

Its working when you only use OWA and use form-based SSO or basic-auth for active-sync

Forum Discussion

Exchange server extended protection and BigIP

Recent Discussions

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

Related Content

L7 DoS Protection with NGINX App Protect DoS

Beyond REST: Protecting GraphQL

Managing NGINX App Protect WAF for Beginners

Cookie-based DDoS protection

Protecting gRPC based APIs with NGINX App Protect

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS