Forum Discussion

Cirrostratus

Mar 24, 2022

Managing many WAF policies

Hello guys My question is more likely to be administrative question, and less technical. And I need some advices on this. We're managing so many WAF policies for so many websites. About 50+ policie...

Cirrus

Mar 25, 2022

I think you need to change the approach to your WAF implementation and maintaining policies. With this amount of policies and learning suggestions you cannot do it efficiently "by hand". Involving developers each and every time is not a good approach too - sooner or later they will hate you and end-up with answers "this is good - accept this" 🙂 Developers should not be the only source of truth - usually they do not know much about security. Do they know what modules are installed on servers if they do not use them? These modules may be exploitable and you should worry about these too.

You may find this article helpful: https://support.f5.com/csp/article/K07359270

Regards

xRes

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Managing many WAF policies

Recent Discussions

Background Tasks

Which process is consuming higher CPU

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Client SSL Profile set to Require Client Certificate breaks RDP in APM

Related Content

Minimizing Security Complexity: Managing Distributed WAF Policies

Manage F5 BIG-IP Advanced WAF Policies with Terraform (Part 4 - Policy Lifecycle management)

F5 BIG-IP Access Policy Manager (APM) Machine Tunnels for Windows

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

Manage F5 BIG-IP Advanced WAF Policies with Terraform (Part 2 - Policy Import)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS