Forum Discussion

Cirrus

Aug 31, 2018

Any experience with ASM policy affecting response stream (with no vulnerability/attack signature noted)?

Env: LTM 11.5.2, physical appliance (4200), no resource issues We are experiencing cases where the presence of an ASM security policy is affecting the response to clients, even though the event...

Cirrocumulus

Sep 02, 2018

It depends on your ASM Policy. Several features in ASM depend on things like injecting JavaScript into responses which may potentially break the content from rendering in the browser (should not affect the tcpdump though).

Such features include Web Scraping, CSRF protection, device fingerprinting, Bot Defense / Client-Side Human User Indicator /CAPTCHA etc...

So instead of removing the ASM policy completely the recommendation is to switch off off the features and violations which may interfere with response first.

Also try your application with the most basic policy such as Rapid Deployment Template.

Also check Support Knowledge base, for example this article:

K11040: Certain HTTP profile Response Chunking settings interfere with BIG-IP ASM and BIG-IP WebAccelerator processing

Forum Discussion

Any experience with ASM policy affecting response stream (with no vulnerability/attack signature noted)?

Recent Discussions

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Portal Access to HTTPS resources slow

How to Implement 2 Way SSL in F5 LTM

Azure DP-100 Exam Questions

Related Content

My Experience So Far

The DROWN Attack: Another SSL Vulnerability

Accellion FTA Vulnerabilities Exploited in APT Attacks - New AWAF Signatures

Experience F5 Distributed Cloud with Multi-Cloud Sites and Distributed Apps

VLAN Failsafe failover settings change on STANDBY device - affect ACTIVE device?