Forum Discussion

Nimbostratus

Jun 22, 2012

Real life benefits of bypassing ASM

So I've inherited a 5 year old LTM / ASM cluster with a lot of old rules which have mostly been kicked along over various versions and architectural changes over that time. I have a rule whi...

Cirrostratus

Jun 25, 2012

If caching on LTM complicates troubleshooting, I'd just remove the iRule and have ASM validate all of the requests. Last I know you guys had spare ASM capacity so it makes sense to simplify the implementation and remove the static content iRule. Of course, you'll want to test the policy and make sure the static content is defined correctly in the security policy.

You could probably also remove some of the iRules that bypassed ASM for odd requests that ASM couldn't handle. Chances are ASM functionality has improved to the point that it can handle more of these requests.

Aaron

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Real life benefits of bypassing ASM

Recent Discussions

how to whitelist new source IP on F5 web UI access

F5 to read a combined CRL file

Upgrade F5 BIGIP

ISP Load Balancing, SNAT pool instead of Automap link self-ip, anyway to do health check ?

MAC address of deleted VS IP address still responsive

Related Content

HTTP Pipelining: A security risk without real performance benefits

Leveraging Ansible Rulebooks for Streamlined Event Triggers: Advantages and Benefits

How to persist 'real' IP into Kubernetes

Bypass certificate check

VPN Split Tunneling: The Benefits and Risks

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS