I am searching around if F5-DNS or AFM is capable of receiving threat intelligence in real-time from TAXII servers related to private community or ISAC?
I need more information about F5 capablities to integrate with threat intelligence even with o
Hi @Muhannad - I see nobody has answered you yet, so I've shared the link to your question with a colleague who may be able to help. Can you elaborate on your last sentence, though? It looks incomplete.
"I need more information about F5 capablities to integrate with threat intelligence even with o" <--?
I don't know enough about taxii, but it appears to communicate RESTfully. I am digging into this, but do you happen to know what sorts of things a taxii sends? Is the expectation that it programs a deny-list in real time? Is the expectation simply IP blocking (AFM) based on threat intelligence? Can taxii host a deny-list? If so, AFM / AWAF can be programmed to consume that in an automated fashion..