Forum Discussion

Nimbostratus

Sep 26, 2012

SSH Security

Is there a way to create a Security Policy for SSH traffic. I have a virtual server listening on port 22. Is there a way i can enable Application Seurity on this? Thanks TJ

app sec

BIG-IP Access Policy Manager (APM)

security

hoolio

Cirrostratus

Oct 05, 2012

Hi TJ,

ASM does not validate the SSH protocol. You could try to do something with iRules based on layer 4 info like client IP address, connection attempts per time interval and/or GeoIP location data.

I think it also makes sense to implement more SSH-specific validation on the SSH servers themselves. There are a lot of opensource solutions for securing SSH like:

http://alternativeto.net/software/ipban/

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSH Security

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

Can I use F5 Big-IP WAF as HoneyPot

SSH forward proxy

Multiple Default Gateways

ASM Sec-CH-UA-Full-Version-List backquote in Header

Scenarios where Service Policy should be used over iRule and Vice versa

Related Content

SSH Brute Force Protection with SSH Proxy

Positive Security vs. Negative Security: A Comparison Using F5's Security Portfolio

AppWorld 2025 Security Insights - ADC 3.0, AI Security, and more

APM-Specific Features for Securing Your Website

Securing Model Serving in Red Hat OpenShift AI (on ROSA) with F5 Distributed Cloud API Security

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS