Forum Discussion
To make the F5 AFM like a full NGFW is there plans the F5 AFM to integrate with AD for username/group access control and pcap capture when a signature is triggered ?
Hello to All,
Are there any plans to have the option for the AFM to do rules based on username/group not only IP address? Not many people know that you can use the AFM to make rules based on applications/services with a service policy to prevent for example port 80 to be used by telnet (port misuse) https://techdocs.f5.com/kb/en-us/products/big-ip-afm/manuals/product/network-firewall-policies-implementations-12-1-0/15.html , so only the username/group access control is needed and the F5 AFM is like NGFW. Also Now with the addition of the prototocol inspection profiles that are like IPS system ( https://support.f5.com/csp/article/K44080215 ) also having an option to do automatic PCAP capture on a packet that triggered a signature to see if it is false positive will help to make the AFM a full NGFW.
Hi,
I think it is best you ask your local F5 SE these questions (also the one about PHP language detection).
Cheers,
Kees
Hi,
I think it is best you ask your local F5 SE these questions (also the one about PHP language detection).
Cheers,
Kees
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com