Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

F5 WAF use case for internal network

Indeed
Nimbostratus
Nimbostratus

‎27-Jun-2021 10:01

Hi

I’m using F5 products for couple of years, and always use F5 WAF for external users (Untrust zone)

 

now try to enable it for internal users to protect a web server (confluence (tomcat)).

 

after I enable F5 WAF we have lot performance and functional issue on Confluence,

 

FYI 1: F5 work on learning mode not blocking mode.

 

now one question come to my mind, is it logical to use F5 WAF protection for this web server?

FYI 2: this server has no internet connection. Not published on internet. Only internal users in LAN able to access this server.

 

FYI 3: I see lot’s of people have issue with confluence and F5.

 

 

Any idea?

Thanks

Labels:
0 Kudos
1 REPLY 1

Nikoolayy1
MVP
MVP

‎27-Jun-2021 13:40

You mean that F5 ASM policy is in transperant mode and you still get performance and functional issues?

 

 

Have you checked the F5 ASM CPU and Memory as the learning mode may cause high cpu if there is a lot to learn and I see that the confluence causes a lot of false postives (you may also upload a qkview to ihealth and check the CPU and memory and found bugsfor the ASM from the security tab in ihealth):

 

https://support.f5.com/csp/article/K47045262

 

https://support.f5.com/csp/article/K58571155

 

 

 

Also do you add a lot of files on the Confluence as you may need to read:

 

 

https://support.f5.com/csp/article/K01235989

0 Kudos
Copyright © 2023 Khoros, LLC