For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Cipher Strength Pool Selection

Problem this snippet solves:

Select a pool based on the client's encryption level.

This rule illustrates how to select a pool based on the client's encryption level.

Code :

rule CipherStrengthPoolSelection {
  when HTTP_REQUEST {
    log local0. "[IP::remote_addr]: SSL cipher strength is [SSL::cipher bits]"
    if { [SSL::cipher bits] < 128 }{
      pool weak_encryption_pool
    } else {
      pool strong_encryption_pool
    }
  }
}
Published Mar 16, 2015
Version 1.0
No CommentsBe the first to comment