APM/ASM Exchange ActiveSync Brute Force Protection

Question

Hi,&nbsp;We are facing issue when configuring the Brute Force for Exchange ActiveSync service.&nbsp;We have virtual server configured with APM Policy and ASM as well.&nbsp;We tried to bypass the ActiveSync from APM to send the traffic of login page /Microsoft-Server-ActiveSync to ASM to detect the Brute Force Attack but not worked fine.&nbsp;We tried also to not bypass the activesync from APM and used "Max user attempts" feature on AD Auth Agent to be 3 attempts but didn't worked also &nbsp;As well as the AD configured to lock the account after 5 attempts so we found that APM didn't force the user to logout after 3 attempts which lead that account was locked on AD &nbsp;In the same time we can't use google CAPTCHA option as per requirements , so Any help here ? How we can achieve brute force mitigation for ActiveSync when we have APM and ASM in the same virtual server

simon_blakely · Answer

Because APM functionality in the virtual server is processed before the ASM policy, you need to use a layered virtual to process traffic through ASM before passing it to the APM-configured virtual.

K13315545: Configuring a BIG-IP ASM virtual server to protect a BIG-IP APM login page with brute force prevention

Forum Discussion

APM/ASM Exchange ActiveSync Brute Force Protection

1 Reply

Recent Discussions

Port Group on F5OS network setting

F5Access | MacOS Sonoma

Rewrite uri translation not working

Chrome V 124+ on MacOS - Virtual Server Access Issue

Transaction looks successful but file not downloading

Related Content

Beyond REST: Protecting GraphQL

L7 DoS Protection with NGINX App Protect DoS

Managing NGINX App Protect WAF for Beginners

F5 Distributed Cloud Bot Defense Protecting AWS CloudFront Distributions

Cookie-based DDoS protection