Forum Discussion
mikand_61525
Nimbostratus
NimbostratusUsing ASM in a forward-http proxy scenario?
Usually the ASM is used in reverse proxy scenarios (protected your own webservers) - but have anyone in here used ASM in a forward http proxy scenario to protect the clients (and to make sure your cli...
Mike_MaherNimbostratus
NimbostratusI have never done this but I find the idea very interesting.
So first off I think the only thing you will want to enable in ASM is Attack Signatures because almost everything else is really designed solely for reverse proxy. Within the Attack Signatures you then need to figure out which signatures sets you want to use or if you want to use all of them. Then you need think about if you just want to log/alert on tripped signatures or if you want to hard block people. If your goal is to eventually hard block, I would plan on doing a lengthy staging period for the signatures because I am going to guess you are going to see some false positives here and there.
Another thing to consider is SSL and how to handle that, are you going to just ignore that traffic or will you be doing a man in the middle with the ASM?
Those are my initial thoughts on this, post back how this goes as I am sure other would interested to hear as well.
Mike