Forum Discussion

AceHunter1965

Altostratus

Feb 10, 2023

Introducing new services to be covered by BIGIP WAF

Hey all! I work in a pretty large enterprise, and our BIGIP instances work as a gateway (both LTM & WAF) for a bunch of self-hosted services, including MLaaS services, OpenShift and more. We've rec...

security

boneyard

MVP

Feb 12, 2023

Your second suggestion sounds most logical. Duplicate policy, enable learning and assign different policies with iRule or LTP based on host name.

Beyond that 100% no false positives always feels like a impossible target. In this case sure, you can make it hurt way less. But there will be incidents with WAF at some point if you change the environment.

You could also wonder if one policy for very different environement is a logical choice. If there very similar perhaps. But the more they differ, the more openings you create where they shouldn't be. You could look into parent and child policies and see if you can keep the exceptions more targetted.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Introducing new services to be covered by BIGIP WAF

Recent Discussions

ip x-forwarding

ports are showing open on online scanning tool

Upgrade F5 BIGIP

DNS HM Probe issue

Is XFF a must for ASM WAF DoS

Related Content

Introducing Secure MCN features on F5 Distributed Cloud

Introducing the single Installation script for F5 NGINX Instance Manager

Lightboard Lessons: Introducing NGINX Service Mesh

Introducing iRules LX

F5 Distributed Cloud – Introducing Distributed Cloud Aggregator Management

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS