Forum Discussion

Seçkin's avatar
Seçkin
Icon for Cirrus rankCirrus
Oct 10, 2022
Solved

Global Blacklist or Whitelist

Does anyone know f5 has blacklist or whitelist globally not per security policy? Thanks
security
Seçkin's avatar
Seçkin
Icon for Cirrus rankCirrus
Oct 12, 2022

Hello Nik thanks, actually Packet Filters is a solution but i heard that its dangerous and be carefull to use it :)) Parent policy is another option but i need to add to this parent policy to every child policy again and i think its not effective as well. Script also should be considered 🙂 Thanks again...  

AubreyKingF5's avatar
AubreyKingF5
Icon for Moderator rankModerator
Oct 12, 2022

Packet Filtering is just one of many ways that AFM could help filter traffic before a packet even hits your virtual server. Packet filtering comes with a performance hit that is somewhat variable, depending on what you are doing because you may have to go into payload.. layer 7. That's not all you can do with AFM, though.. 

 

AFM has the ability to create allow / deny lists based on a number of criteria. You can also choose from a slew of actions to take on ACLs - INCLUDING iRules! You can apply IP Intelligence.. you can filter dns requests by query type.. you can deny smpt to an ip.. or a range of IPs.. or a manicured list of IPs.. without going to layer 7.. or ever having to touch a VIP. On top of that, protocol throttling, flood defense.. flowspec integration to trigger upstream route defense..

 

https://techdocs.f5.com/en-us/bigip-15-1-0/big-ip-network-firewall-policies-and-implementations.html