cancel
Showing results for 
Search instead for 
Did you mean: 

F5 WAF query

d_spider
Altostratus
Altostratus

I am pretty new to F5 devices, specifically F5 WAF. I came to know about the Devcentral community few months back but never checked it. Now today I have registered here and so hoping for better learning from F5 standpoint.

I had small query. We have F5 WAF and it is in blocking mode. I am just handling operations part of it. The policy is configured by someone else. Now whenever someone report issue we check the logs on WAF and if it is seeing blocked of WAF. We verify the request and accepts it once we find it legitimate.

So I know once I accept it, it starts working. I am curious to know the changes that happens behind this action. Please explain

1 ACCEPTED SOLUTION

Yiğit_Uslu
Cirrus
Cirrus

Hi  

 

Welcome to Devcentral. You can find detailed information about AWAF previously ASM on Youtube. As for your question, I am assuming you are referring to traffic learning. Based on this, when you applied a suggestion F5 basically changed the attributes of that particular setting or entity. The changes can be verified under application security sub-menu or learning and blocking settings. 

View solution in original post

5 REPLIES 5

Yiğit_Uslu
Cirrus
Cirrus

Hi  

 

Welcome to Devcentral. You can find detailed information about AWAF previously ASM on Youtube. As for your question, I am assuming you are referring to traffic learning. Based on this, when you applied a suggestion F5 basically changed the attributes of that particular setting or entity. The changes can be verified under application security sub-menu or learning and blocking settings. 

Thank you buddy for the explanation. Appreciate it

Yesterday I came to know about this option of selecting best response which fulfilled my query. Thank you

Hi  

Welcome to F5 DevCentral ! You'll learn lot of things here related to F5 for sure.

Thank you buddy for the warm welcome.