New BIG-IP ASM v13 Outlook Web Access (OWA) 2016 Ready Template

F5 has created a specialized ASM template to simplify the configuration process of OWA 2016 with the new version of BIG-IP v13 Click here and download the latest version of XML file that contains ...
Published Jan 24, 2018
Version 1.0
ASM Advanced WAF
ASM Template
BIG-IP
security
am_gli's avatar
am_gli
Icon for Altostratus rankAltostratus
Oct 01, 2018

Hi,

 

I've implemented a policy in transparent mode with this template, but I'm facing some issues during traffic learning:

 

a) ActiveSync triggers strange SQL-Injection Suggestions: SQL-INJ "' --" (SQL comment) (Parameter) (2)

 

b) ActiveSync triggers strange Execution attempts (ftp, del, sfc, ...) since it detects these strings in the string of a JPG or similar...

 

Is there any suggestion how to handle these suggestions in a good and secure manner?