For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Danny_19714's avatar
Danny_19714
Icon for Nimbostratus rankNimbostratus
Feb 01, 2008

Zero-day exploits

I am currently researching the BIG-IP Web Application Firewall and have a question. Lets assume I have a web application running on IIS protected by BIG-IP and has the relevant iRules applied. Will BI...
application delivery
dev
devops
iRules
strongarm_46960's avatar
strongarm_46960
Icon for Nimbostratus rankNimbostratus
Mar 08, 2008
ASM does not protect against zero-day or OWASP top ten etc automatically you have to customise your policy by teaching ASM what should be allowed, ASM has negative & positive security model potential. however, initially, it's default deny whether you are in learning or blocking mode unitil you accept the request or responses. Either option in positive or negative security both involve learning and customizing the ASM, there nothing automatic from what I have seen thus far.

 

 

The positive security model might be automated by telling the Crawbar to crawl your backend servers, however if you have dynamic urls or pages then it would work.

 

 

It's a long and painful process I am afraid.