Forum Discussion

ee's avatar
ee
Icon for Cirrus rankCirrus
Aug 15, 2024

F5 AWAF Data Guard

According to the online resources, the data guard features will mask response containing sensitive data or block the response. However, if the application itself displays the sensitive information wh...
awaf
data guard
Amine_Kadimi's avatar
Amine_Kadimi
Icon for MVP rankMVP
Aug 18, 2024

It is not clear from your question where the sensitive information is generated and if it passes through f5 or not. As long as the data is passing through F5 and visible by the WAF module then it can be masked/blocked. 

  • ee's avatar
    ee
    Icon for Cirrus rankCirrus
    Aug 19, 2024

    Supposedly if we enable data guard for the policy by navigating through “Security” -> “Application Security” -> “Data Guard”, and also enable the "Learn, Alarm and Block" in "Security” -> “Application Security” -> “Policy Building” -> “Learning and Blocking Settings”, then it can be considered passing through f5 right?

    • Amine_Kadimi's avatar
      Amine_Kadimi
      Icon for MVP rankMVP
      Aug 20, 2024

      By passing through F5, I meant the sensitive data is going through a published virtual server which has WAF enabled. 

      If you enable dataguard learn, alarm, block for a policy in blocking mode, and enable dataguard itself, then sensitive data will cause a blocking page