Forum Discussion

Nimbostratus

Sep 26, 2012

SSH Security

Is there a way to create a Security Policy for SSH traffic. I have a virtual server listening on port 22. Is there a way i can enable Application Seurity on this? Thanks TJ

app sec

BIG-IP Access Policy Manager (APM)

security

hoolio

Cirrostratus

Oct 05, 2012

Hi TJ,

ASM does not validate the SSH protocol. You could try to do something with iRules based on layer 4 info like client IP address, connection attempts per time interval and/or GeoIP location data.

I think it also makes sense to implement more SSH-specific validation on the SSH servers themselves. There are a lot of opensource solutions for securing SSH like:

http://alternativeto.net/software/ipban/

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSH Security

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Help with SSH Virtual Server

Changes to DO and AS3 GitHub - no longer monitored

GRE Tunnel Issue

Help with an iRule to disconnect active connections to Pool Members that are "offline"

GRPC through F5 Virtual Server [RST_STREAM with error code: INTERNAL_ERROR]

Related Content

SSH Brute Force Protection with SSH Proxy

Quarterly Security Notification October 2025

Positive Security vs. Negative Security: A Comparison Using F5's Security Portfolio

BIG-IP security hardening and compliance checks

Deploying the F5 AI Security Certified OpenShift Operator: A Validated Playbook

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS