Guided Configuration on API security

Question

Hi Folks,We are using ASM module for some time and there are many application security policies that are in block mode.&nbsp;We have some api related application in our environment, now wanted to protect those api based applicaiton through guided configuration.&nbsp;Please guide to start with guided configuration with respect to api security.&nbsp;&nbsp;Thanks&nbsp;Kuzhal

daniel_wolf · Answer

Hi&nbsp;kkuzhal,
the guided configuration for AWAF API protection offers two variants.1. You have an OpenAPI Specification (formerly Swagger Specification)2. You don't
If you have, it will allow only the specified API endpoint and methods. If you don't, you have to specify them manually. That's pretty much it.
I like API Protection with APM better, because it includes authentication and rate limiting.
KRDaniel

Forum Discussion

Guided Configuration on API security

Recent Discussions

Upgrade F5 BIGIP

DNS HM Probe issue

Is XFF a must for ASM WAF DoS

Switch ssl profile based on weak cipher detection via IRULE

F5 Switches in 'Changes Pending' Status

Related Content

Implementing SSL Orchestrator - Guided Configuration

Secure against the OWASP Top 10: Guide for 2021

Demo Guide: F5 Distributed Cloud DNS (SaaS Console)

Auditing Security Policy Updates

Demo Guide: Multi-Cloud Networking with F5 Distributed Cloud Services (SaaS Console, Automation)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS