ASM Stress Bassed DOS

Question

I'm trying to validate that my configuration is correct to enable a stress based dos profile in transparent mode. I was reading the documentation from F5 and they did not make it abundantly clear if mitigation is needed to be defined for each one of the analyzed fields (i.e Source IP, Device ID, URL, etc) if I just want the dos mitigation to be behavioral. In the current configuration listed in the image, will this mitigate a stress based dos?&nbsp;
&nbsp;
Note the de-escalation period is set extremely quick for testing purposes right now. &nbsp;
Referenced documentation: https://support.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-12-0-0/2.html&nbsp;

nathe · Answer

Jon, you don't need to select other detection criteria so just Behavioral should work - although i must admit i've not tested this personally. By the way, i think this feature was officially introduced in v12.1, so you might want to reference this article for more information BIG-IP Application Security Manager: Implementations&nbsp;
Hope this helps,&nbsp;
N&nbsp;

Forum Discussion

ASM Stress Bassed DOS

1 Reply

Recent Discussions

Pricing when used with aws waf

F5 Rseries R2600 Tenant sizing

iRule help masking IBM host URL/URI

Need advise to setup a policy on F5

Advise on setting up IRULE

Related Content

Mystical Connection Close - without logs, after stress test.

ASM logs

ASM LOGS

F5 Certifications Mega Meta Series: How to take the stress out of the F5 exams

F5 BIG-IP ASM – L7 DDoS attack Protection (TPS, Behavioral & Stress Based detection)