Can you block a specific AV Vendor within the Antivirus APM object?

Question

If I wanted to block say Norton and allow all other AV Vendors through is it possible to do this within the Antivirus object within APM or would you have to do a Windows Registry check and then block based on the result?

psfletchthetek · Answer

I would have thought so.Inside the client side Auth module there is a av check.That breaks down the AV vendors.You can either then call out the one you are looking for and build the rest of your code off of the failback branch or take the advanced code and tweak the equals to not equals.I'd need to check if the same module has a not equals built in, but it's normal looking for any sort of av or the corporate defined one. Not normally explicitly looking for one to discount.

Forum Discussion

Can you block a specific AV Vendor within the Antivirus APM object?

1 Reply

Recent Discussions

Geo Fence in ASM through irule for URI

Client certificate Authentication - open multiple tabs

google autenticator broken barcode

Chrome V 124+ on MacOS - Virtual Server Access Issue

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Related Content

F5 ICAP over SSL/TLS (Secure ICAP) with F5 ASM/AWAF Antivirus Protection feature

OWASP Tactical Access Defense Series: Broken Object Property Level Authorization and BIG-IP APM

Duplicating BIG-IP Objects

OWASP Tactical Access Defense Series: Broken Object Level Authorization and BIG-IP APM

Using shared object with BigIP