For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

xiaokunli_12291's avatar
xiaokunli_12291
Icon for Nimbostratus rankNimbostratus
Jan 27, 2014

Question for BIG-IP Application Security Manager (ASM)

Hi folks,

 

I am trying to set up a security policy through F5 ASM either automatically or manually to scan JMS messages. But, according to the configuration guide of Application Security Manager, looks like F5 only supports HTTP/HTTPS-based services. How could I set a security policy for JMS messages with F5 ASM?

 

If any suggestions, please let me know.

 

Thanks!... XL

 

application delivery
devops
iApps
iControl
iRules
management
security

5 Replies

  • JPV_131616's avatar
    JPV_131616
    Icon for Cirrus rankCirrus
    Jan 27, 2014

    I don't think it's supported.

     

    ASM is a web app firewall....

     

    how are you getting the JMS messages? usually it's t3 or some other proprietary protocol anyways...

     

    thx

     

    • xiaokunli_12291's avatar
      xiaokunli_12291
      Icon for Nimbostratus rankNimbostratus
      Jan 28, 2014
      Thanks, JPV! Our team set up a transparent proxy and routed all JMS messages of the JMS server to the F5 before forwarding these messages to their final destination. But, our problem is we cannot configure a security policy for the F5 ASM to scan these JMS messages.
    • boneyard's avatar
      boneyard
      Icon for MVP rankMVP
      Feb 01, 2014
      as JPV says, ASM is mainly a HTTP/HTTPS firewall, it does XML, JSON, FTP and SMTP but that is it. not JMS.
    • eugeneK_pdx's avatar
      eugeneK_pdx
      Icon for Nimbostratus rankNimbostratus
      Aug 23, 2016

      Is there official F5 ASM documentation on what protocols are supported? I have incoming traffic (HTTPS and JMS) that needs to be inspected. I know JMS is TCP based and can have different implementations.

       

      Thanks, Eugene Kennedy