Forum Discussion

Nimbostratus

Jan 04, 2018

Block all high/medium severity rules

Dear All, I use F5-ASM, and it learning from my traffic now, but as I saw it catch only low severty rules. Has any options in F5-ASM to set all high/medium severity rules to block state wit...

Cirrostratus

Jan 04, 2018

Hello,

Not sure if we are talking about same thing, but in ASM you have both "Attack Signatures" and "Violations". If the problem is with the "Attack Signatures" then you can modify your ASM policy to trig only on following "Attack Signatures" categories :

Signature Set Name :

High Accuracy Signatures
Medium Accuracy Signatures

To do this you have to go to "Security ›› Application Security : Policy Building : Learning and Blocking Settings" under "Attack Signatures" click on the "Change" button and replace the existing by above categories.

Regards

Forum Discussion

Block all high/medium severity rules

Recent Discussions

BWC iRule

Citrix XenServer Big-IP Upgrade help

iRule condition - request contains more than 10000 parameters

Hi All, We have viprion 4300 with 4450 blades with 6 blades all blades having same configuration

Can iRule be used to perform exception of IPI category based on Geolocation

Related Content

Copy over self IPs from several partitions

Block traffic

domain blocking

Protect an application spread across several locations with F5 XC WAAP and Multi-Cloud Networking

Block IP after a number of ASM Blocks