Forum Discussion

thomasd93's avatar
thomasd93
Icon for Nimbostratus rankNimbostratus
May 27, 2021

IP Intelligence Custom Feed in ASM

Hi,

 

we want to use custom feeds for our IP Intelligence to block IPs recognized by us as malicious.

With the AFM module we already succeeded with setting this up.

To also have the option of blocking the requests with ASM policies (to have a blocking page and not a TCP reset) we thought of using the custom feed to set the IPs to a category blocked in all of our ASM policies (for example tor_proxy).

However in our tests we noticed that the custom IPs are not blocked by ASM. Is this a known limitation? Are there ways to activate the custom IPs also in the ASM IP-Intelligence? (Manually blacklisting them via IP Address Exceptions is not a solution we want to use)

  • you need ASM IP-Intelligence license to use the feature.

     

    If you want to use your own list of custom IPs to be blocked by ASM, a potential solution would be to write an iRule which loads the IPS from a datagroup/iFile