For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Russell's avatar
Russell
Icon for Nimbostratus rankNimbostratus
Aug 05, 2016

Is ASM right for a very slow "Brute Force"

Hi Guys   I have an application that is being 'brute forced', but not in what I would call in a 'traditional' sense. We have large amounts of logins, in excess of thousands, simultaneously to uniq...
ASM Advanced WAF
security
Yann_Desmarest's avatar
Yann_Desmarest
Icon for Cirrus rankCirrus
Aug 05, 2016

Hi,

Using ASM, you can leverage IP Intelligence, Brute Force protection or the DoS profile (really cool in v12.1.0)

Alternatively, I can suggest you using an irule to protect against brute force like this one (need to change peaces of code to fit the authentication method used by the backend) : DoS and NTLM Brute force protection for HTTP(s) flow

Or you can also write an irule to grap credentials and play them seemlessly against APM to create an APM session or deny access : ACCESS::policy evaluate -sid -profile [ +]

You can see an example here : ACCESS::policy