Forum Discussion

Altostratus

Jul 24, 2023

Protobuf support in ASM

Hello, We are using BIG-IP 16.1.3.4 with the ASM module. We are trying to configure an ASM policy to parse and validate parameters in protobuf payloads sent over HTTP (not gRPC). Is it possible? Can...

MVP

Jul 24, 2023

This may be an advanced question regarding product capabilities, rather than a particular configuration. I would suggest an F5 support ticket to obtain an authoritative answer from those that developed the module 🙂 A quick google search against F5s domains does not show anything of merit. So not sure if the parser supports this... have you checked the various supported technologies?

https://techdocs.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-13-1-0/23.html

Hope this helps? Another idea is to perform a pen test and have the results important into the F5 ASM for mitigation. Check the following for assessment tool outputs supported:

https://f5-agility-labs-waf.readthedocs.io/en/latest/class5/module2/lab5/lab5.html

tuganim
Altostratus
Jul 25, 2023
Thanks for your response. We too could not find any information regarding this topic, so we asked here.
As for the server technologies, protobuf does not seem to be listed as an available technology.
As for the using the output of a vulnerability scanner, unfortunately we do not use any of the supported scanners, so this is not an applicable option. Also, I guess that if protobuf is generally supported, there should be an option to configure it manually, without the need to import the results of a scanner.
Thanks again for your response. We will try to contact the F5 support.
- Nikoolayy1
  MVP
  Jul 27, 2023
  If the VIP is publickly available you can test the qualys community edition as it allows a web scan up to 1 url:
  
  https://www.qualys.com/community-edition/