Nimbostratus
Hello ,
1)Can f5 ltm or asm provide http file upload scanning for e.g. virus detection or any other security function ? Currently using verson - 10.2.3. Does version 11 support it ?
2)I believe it it does allow to restrict the file type and size. But what would be the iRule to achieve that ?
Cirrocumulus
ASM v10.2.0 release notes (http://support.f5.com/kb/en-us/products/big-ip_asm/releasenotes/product/relnotes_asm_10_2_0.html😞
Anti-virus scanning
With this version you can configure the Application Security Manager to act as an Internet Content Adaptation Protocol (ICAP) client. The system asks an external ICAP server to check HTTP file uploads for viruses before releasing the content to the web-server. To configure antivirus protection, from the Configuration utility, navigate to Application Security » Options » Anti-Virus Protection.
If the system detects a virus in an incoming request, the system issues the violation Virus Detected, and logs or blocks the illegal request, depending on how you have configured the settings of this violation on the Policy Blocking Settings screen.
We added an advanced configuration parameter, Virus header name, which is the name of the response header that the ICAP server returns when it detects a virus. The parameter’s default value is X-Virus-Name, which is McAfee’s default response header. If you are using a different ICAP server, change this parameter’s value to the appropriate value used by that ICAP server. This parameter is found on the Advanced Configuration screen (from the Configuration utility, navigate to Application Security » Options » Advanced Configuration).
Hope this helps,
N