xml signatures

Question

I am trying to create a simple policy for web services/xml which would scan the incoming traffic against generic and xml related violations (without format or schema checks).&nbsp;
After creating + assigning a Rapid Deployment Policy and assigning Generic + XML signatures to it will ASM check for the XML related violations? (when the XML-policy/web-services part is not configured)&nbsp;
Do I understand correctly that everything going towards application will be wildcard matched against selected signature sets (including the XML stuff which should require manual policy configuration) or do the XML signatures only apply after the manual XML policy configuration?&nbsp;

nathe · Answer

ErkkiS,&nbsp;
The way you have created the policy, it will only be a negative security policy, i.e. it will check for signature violations. What you won't get is any protection against XML RFC/Standards e.g. the format of the request. You would be better served by creating a policy based on the Web Services wizard and add your XSD/WSDL file to ensure proper XML validation checking.&nbsp;
Hope this helps,&nbsp;
N&nbsp;

Forum Discussion

xml signatures

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

XML parsing by XML firewall

Support of WAF Signature Staging in F5 Distributed Cloud (XC)

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

Wildcard Parameter signature attack

BoT Defense Profile, Signature Enforcement

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS