rate
2 TopicsCan I use the F5 for Rate Limiting?
I had been looking at the Session Tracking in ASM previously hoping that it would be able to perform rate limiting. Unfortunately it seems that in order for any lockout to occur via Session Tracking in ASM, a threshold of policy violations needs to be triggered. This is a great feature however not what I am looking for. In the event that a user is spamming or replaying valid requests back to the application, we would want to lockout that user or at least slow them down. Is there some way that the F5 can be utilised to perform rate limiting from an individual eg. session based etc.Solved799Views0likes1CommentSession Tracking with ASM - Block All Vs Delay Blocking
Hi Guys, I'm just looking to understand exactly the difference between the 'Block All' and 'Delay Blocking' options for session tracking on ASM policy. Both seem to block after a defined threshold is reached and will block for a defined period of time. It looks like the 'Delay Blocking' options is more granular however I expect that there is something significant I am overlooking. Also, the application I wish to use session tracking on does not have a login page. As a result I will be setting the 'Application Username' to 'none'. Will this allow me to still accurately track if an individual is spamming the application? Thank you402Views0likes1Comment