I am just wondering what everyones user experience has been with "Browser Verification" when enabling anything other than then the defaults via any Bot Protection profile.
For instance if I have Browser Verification set to anything other then "Challenge Free Verification" in our Sharepoint environments, "funky" things will happen such as users getting bot error/reference ID page when attempting to sign out or or an EXTREME amount of false positives occur and user traffic is impacted.
In environments with older Java based apps, it will cause some browsers to automatically sign out when clicking any link in the web application after login (as if cookie persistence is blocked).
I have gone back and forth with F5 in almost all my attempts to enable this future (as browser fingerprinting is something we really would like to utilize) but we just cant get it working in most cases (even with work arounds such as single page application or enable a DOS profile in transparent mode).
Is something like Device ID+ the solution for all of my problems? https://www.f5.com/products/security/shape-security/f5-device-idplus