ASM Policy in "Blocking" Mode switch to "Transparent" for some IP's
I have a policy that I need to switch to blocking but the business want to have a phased approach. Only the testing team should be in Blocking, while the rest of the business (a different IP range) remains in transparent. I need to keep the same policy so that I can "proof" that everything is running fine. Is there a method to do that ? Was thinking about an iRule but dont know how. I know how to disable ASM with an iRule but, that's something I don't want because I need to keep the learning suggestions. Bye St.388Views0likes6CommentsF5 WAF/ASM block users that trigger too many violations by source ip/device id using the correlation logs
Hello to All, I was thinking of using the iRule tables command to write when a user ip/device id makes too many violations for a time perioud and to get blocked for some time but I see that the F5 ASM has correlation logs that trigger incidents but there is not a lot info if this can be used in iRules or to block user ip addresses / deviceid. https://support.f5.com/csp/article/K92532922Solved1.5KViews0likes7CommentsHIRE ADRIAN LAMO HACKER TO RECLAIM LOST CRYPTOCURRENCY
In the digital age, romance scams have become an all too common threat, preying on the vulnerability and trust of unsuspecting individuals. I, too, fell victim to such a scheme, lured into investing in a Telegram group, only to lose a substantial amount of cryptocurrency—5.78 Bitcoin and 13 Ethereum. It was a devastating blow, both financially and emotionally, leaving me reeling in disbelief. However, amidst the despair, there emerged a beacon of hope: Adrian Lamo Hacker. With their unparalleled expertise and unwavering commitment to their clients, they proved to be my saving grace in the darkest of times. Despite the complexities of my situation, they approached the task with diligence and determination, leaving no stone unturned in their quest to recover what was rightfully mine. Thanks to the tireless efforts of Adrian Lamo Hacker, I was able to reclaim 90% of my lost cryptocurrency—a feat I once believed to be impossible. Their support and service were nothing short of exceptional, providing me with reassurance and guidance every step of the way. From the moment I enlisted their help, I knew I was in capable hands. I am pleased beyond measure to have hired Adrian Lamo Hacker, and I wholeheartedly recommend their services to anyone who finds themselves in a similar predicament. Their expertise in recovering lost or stolen cryptocurrency is unmatched, and their dedication to their clients is unwavering. If you've fallen victim to a romance scam or any other form of cryptocurrency fraud, don't despair. With their help, you can reclaim what's rightfully yours and emerge stronger than ever before. Reach out to Adrian Lamo Hacker via website: https://adrianlamohackpro.online/ Your recovery starts here, with a team you can trust to deliver results and restore your faith in the digital landscape. You can also contact Adrian Lamo Hacker through their TELEGRAM handle: @ADRIANLAMOHACKERTECH / Email : Adrianlamo@consultant.com Don't let the actions of fraudsters dictate your future—take back control with the help of Adrian Lamo Hacker.9Views0likes0CommentsTelemetry streaming to Elasticsearch
Hi all I am following a couple of threads since I want to send ASM logging to Elasticsearch like this one fromGreg What I understand is that I need to send an AS3 declaration and a TS declaration. But there are a couple of things not entirely clear to me. 1. Can I remove the iRule, Service_TCP, Pool, Log_Destination, Log_Publisher and Traffic_Log_profile declarations from the AS3 declaration json? In the example the telemetry_asm_security_log_profile does not seem to depend on these? 2. In the AS declaration json an IP address is specified 255.255.255.254 (perhaps just an example since it is a subnet mask) and also in the TS declaration where it is 172.16.60.194. How are the IP in the servers section of the AS3 declaration related to the one in the consumer part in the TS declaration? 3. Intelemetry_asm_security_log_profile the field remoteStorage is set to splunk. According to the reference guide:Reference Guide security-log-profile-application-objectthe allowed values are “remote”, “splunk”, “arcsight”, “bigiq”. I would opt for just remote. Is that the correct choice? Regards Hans498Views0likes5CommentsWildcard SSL Certificate Deployment on F5 LTM
We utilize F5 load balancer to generate CSR and implement Entrust SSL certificates across all subdomains within our infra. We're exploring the possibility of deploying a wildcard SSL certificate for a domain and its associated subdomains. ltm version is 14.1.5 If feasible, we seek guidance on the process of importing and deploying it within F5.74Views0likes6CommentsProblems connecting to vpn after upgrading to ubuntu 24.04
good afternoon, I have upgraded ubuntu to 24.04 and since then I can no longer connect correctly to the vpn with the f5 client. In the client it appears that I am connected to the vpn, but then I do not reach any of the sites and servers that with the 22.04 version if it arrived. Can you help me.27Views0likes0CommentsWhat happens if I only enable ASM in BIG-IP Under System > Resource Provisioning
Hi; Let's say that I have a Big-IP device licensed for LTM and ASM. However, only the ASM module is enabled under System > Resource provisioning with a level of nominal. I know that in this case, you can have a pool of only one member, but just to double check my information, I want to ask this questions: Is my understanding above incorrect, and in this case, the system does load balance to multiple pool members, or I should enable the LTM module for this to happen? Kindly WasfiSolved24Views0likes1CommentOpen Redirection Mitigation
hello, ASM has a feature to mitigate the open redirection attacks when the redirect happens at the header level (i.e: with Location in response). When the redirection is within the payload response, the ASM does not block it. do you guys know about any ASM configuration that may address this issue and mitigate this kind of attack ? thanks. o.Solved83Views0likes6CommentsCannot login to Avaya wanx using f5 apm network access
Hi we are facing some issues related to APM network access, we cannot login to our avaya wanx ip phone communicator using network access, but we can ping the call server we are using, but still no luck on login. Is there something we need to adjust on APM network access setup?454Views0likes7Comments