So namely X-Infection-Found, X-Virus-Name, X-Virus-ID, X-Violations-Found What i can't seem to find is what the f5 is expecting back as part of those headers and how it reacts to them. From the mcafee example (and i know its only an example!) I could send back other headers potentially with other useful information but how do i get ASM/AWAF to respond and act to this information?
From the f5 kb, its almost a if header exists act, or id header is not null then block. Is that correct? is there a list of headers the f5 is looking for?