I have some virtual servers which have the analytics profile enabled, so I am able to collect statistics of the traffic passing through such vs. However, after performing an Ethical Hacking procedure in my infrastructure, I was requested to rename the cookies that AVR uses such us: f5_cspm=; f5avrbbbbbbbbbbbbbbbb=; f5avrbbbbbbbbbbbbbbbb or encrypt their names. Such names are visible to attackers so I need them to be changed to some less F5-descriptive ones. Here https://devcentral.f5.com/s/question/0D51T00006i7k1N/how-to-rename-cspm-cookie-name there is only the process to rename the f5_cspm cookie. F5 says that the other cookies that start with f5avr cannot be renamed. How could achieve this requirement?
◘ You cannot modify a cookie name that is set by the AVR module.
◘ Beginning in BIG-IP 11.4.0, the cookie is also encrypted and should be considered safe by security scanning devices.