F5 WAF use case for internal network

Question

HiI’m using F5 products for couple of years, and always use F5 WAF for external users (Untrust zone)&nbsp;now try to enable it for internal users to protect a web server (confluence (tomcat)).&nbsp;after I enable F5 WAF we have lot performance and functional issue on Confluence, &nbsp;FYI 1: F5 work on learning mode not blocking mode.&nbsp;now one question come to my mind, is it logical to use F5 WAF protection for this web server?FYI 2: this server has no internet connection. Not published on internet. Only internal users in LAN able to access this server.&nbsp;FYI 3: I see lot’s of people have issue with confluence and F5.&nbsp;&nbsp;Any idea?Thanks

nikoolayy1 · Answer

You mean that F5 ASM policy is in transperant mode and you still get performance and functional issues?

Have you checked the F5 ASM CPU and Memory as the learning mode may cause high cpu if there is a lot to learn and I see that the confluence causes a lot of false postives (you may also upload a qkview to ihealth and check the CPU and memory and found bugsfor the ASM from the security tab in ihealth):

https://support.f5.com/csp/article/K47045262

https://support.f5.com/csp/article/K58571155

Also do you add a lot of files on the Confluence as you may need to read:

https://support.f5.com/csp/article/K01235989

Forum Discussion

F5 WAF use case for internal network

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Create isolated environment for internal and external networks

Implementing SSL Orchestrator - Network Insertion Use Cases

SSL Orchestrator Advanced Use Cases: Enabling GCloud Organization Restrictions

Cloud Docs - Use Case Guide to Service Proxy (SPK) for Kubernetes

F5 SIRT ESRP Case Study: Regional Bank

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS