Integrity Defense settings and what happens when you use the Operation Mode settings?

Straight from the manual, yo:

Source IP-Based Client-Side Integrity Defense

Determines whether a client is a legal browser or an illegal script by injecting JavaScript into responses when suspicious IP Implementing Anomaly Detection Configuration Guide for BIG-IP® Application Security Manager™ 6 - 7 addresses are requested. Legal browsers can process JavaScript and respond properly, whereas illegal scripts cannot. The default is disabled.

What actually happens when a client is found to be non-human? My guess is that the ASM attempts to sort out what's a "good" connection from what's a "bad" connection, where bad means "script", but I'd like a definitive description.

How does this interact with the 'Operation Mode' settings? Does choosing 'Transparent' override the Prevention Policy settings, limiting the ASM to reporting on the DoS attacks?

If anyone has actually tested the combinations of Operation Mode and Prevention Policy settings, I would love to hear what you found.

Thanks in advance,

APM

app sec

security

Forum Discussion

Integrity Defense settings and what happens when you use the Operation Mode settings?

Recent Discussions

Unwinding the Benefits of Investing in White Label Crypto Wallet

SMTP profile not visible & showing

About AWAF "Redirect URLs" in "Responses and Blocks"

F5 iRule to replace host to path

Chrome V 124+ on MacOS - Virtual Server Access Issue

Related Content

Making Mobile SDK Integration Ridiculously Easy with F5 XC Mobile SDK Integrator

Integrating SSL Orchestrator with McAfee Web Gateway-Transparent Proxy

2. SYN Cookie: Operation

Integrating SSL Orchestrator with CheckPoint Firewall VM-Explicit Proxy

Ensuring Security in Continuous Integration and Continuous Deployment (CI/CD) Pipelines