For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

MSZ's avatar
MSZ
Icon for Nimbostratus rankNimbostratus
Sep 09, 2015

How to start with F5 BIG-IP ASM quickly?

I would like to know the quick overview of the functions under:   Security --> Event Logs Security --> Reporting   And on the basis of Event logs, how we can tune the ASM?  
ASM Advanced WAF
security
boneyard's avatar
boneyard
Icon for MVP rankMVP
Sep 15, 2015

im not sure i understand you correctly. what do you mean with tuning? blocked request can be good ones because an attack takes place, but they can also be bad ones because a valid request is blocked.

 

tuning a policy in my opinion means trying to get rid of the false positives. but you say somewhere else "If event logs show: Blocked, Illegal and truncated requests, then it means our applications are secure and we need to see the violations only."

 

that isn't really the case, violations result in a block event if the policy is configured like that.