thomasd93
May 27, 2021Nimbostratus
IP Intelligence Custom Feed in ASM
Hi,
we want to use custom feeds for our IP Intelligence to block IPs recognized by us as malicious.
With the AFM module we already succeeded with setting this up.
To also have the option of blocking the requests with ASM policies (to have a blocking page and not a TCP reset) we thought of using the custom feed to set the IPs to a category blocked in all of our ASM policies (for example tor_proxy).
However in our tests we noticed that the custom IPs are not blocked by ASM. Is this a known limitation? Are there ways to activate the custom IPs also in the ASM IP-Intelligence? (Manually blacklisting them via IP Address Exceptions is not a solution we want to use)