F5 WAF use case for internal network
Hi I’m using F5 products for couple of years, and always use F5 WAF for external users (Untrust zone) now try to enable it for internal users to protect a web server (confluence (tomcat)). after I enable F5 WAF we have lot performance and functional issue on Confluence, FYI 1: F5 work on learning mode not blocking mode. now one question come to my mind, is it logical to use F5 WAF protection for this web server? FYI 2: this server has no internet connection. Not published on internet. Only internal users in LAN able to access this server. FYI 3: I see lot’s of people have issue with confluence and F5. Any idea? Thanks525Views0likes1CommentASM security policy with Atlassian Confluence
Has anybody configured an Atlassian Confluence server behind an F5 with ASM security? I find that it's getting LOTS of false positives that I'm hesitant to accept, mostly of the SQL injection variety (i.e. seeing the words "group" and "by" in a posted paragraph and assuming it's a "group by having" attempt). The method Confluence uses to post messages also makes ASM think it's trying to execute commands like at, ll, eval, etc. I can't set this site up for extended learning because the majority of the users will be external and can't be considered "trusted". Any thoughts/recommendations?803Views1like6Comments