Forum Discussion

THE_BLUE's avatar
THE_BLUE
Icon for Cirrostratus rankCirrostratus
May 10, 2021

secure application through WAF

is it practical to secure application like Office 365 through WAF ?
ASM Advanced WAF
LTM
security
  • Daniel_Wolf's avatar
    Daniel_Wolf
    May 10, 2021

    Ah, I did not understand this from your initial question.

    So you have a web application that is interacting with O365, but the web application is internet facing? In that case should could limit access to only known O365 public IP addresses. Check out this git repo: https://github.com/brett-at-f5/f5-office365-ip-url-automation

    Probably you can create an iRule to block access if the traffic is not coming from O365 source IP addresses.

    Or you can secure your web app with AdvWAF.

    Or a combination of both.

THE_BLUE's avatar
THE_BLUE
Icon for Cirrostratus rankCirrostratus

😂

Hi Daniel,

so basically if i have web application that integrated with sth same as Office 365 , no need to be secured by WAF .

Clear , thanks.

 

Daniel_Wolf's avatar
Daniel_Wolf
Icon for MVP rankMVP
May 10, 2021

Ah, I did not understand this from your initial question.

So you have a web application that is interacting with O365, but the web application is internet facing? In that case should could limit access to only known O365 public IP addresses. Check out this git repo: https://github.com/brett-at-f5/f5-office365-ip-url-automation

Probably you can create an iRule to block access if the traffic is not coming from O365 source IP addresses.

Or you can secure your web app with AdvWAF.

Or a combination of both.