Ads 468x60px

Featured Posts

27 July 2020

F5 ASM – Fundamental Security Policy



I used to write an overview about what I've done in the last year before going on holiday but, this summer, although I’m not going to write in the blog for the next month, I’ve wanted to write about F5 BIG-IP because I’ll take the certification exam on September. Therefore, this small post is about how to create a Fundamental Security Policy in F5 BIG-IP ASM and how to customize the policy with Selective Learning.

Actually, I’ve recorded a video. You know I love it to watch how to configure some architectures. We can watch in the next video how to configure a Fundamental Policy in transparent mode and manual learning. In addition, I’ve checked the “Illegal parameter value length” in the Learning and Blocking Settings. What’s more, I’ve modified the wildcard parameter length to 1 byte. Therefore, thanks to the selective learning, all the parameters greater than 1 byte will be suggested to add it in the security policy. I think, it’s much better you watch the video.


Thanks, take care, enjoy the summer!

20 July 2020

F5 ASM – Blocking methods and XSS attack



This summer I have to study French and F5. I have to study French because I couldn’t apply to the exams due to the COVID-19 pandemic. Therefore, I will take the exams on September. In addition, my F5 certifications expire soon. Therefore, I will also have to study F5. I think, it’s going to be an exhausting summer. However, I will try to do my best. I’m going to study for both exams. We’ll see at the end of the summer the results. I’ll let you know!

This weekend I’ve been reading and studying about F5 ASM. I’ll apply for the 303 exam. Therefore, I’ve also recorded a video where you can watch how to block, firstly, the OPTIONS method and, later, an XSS attack. You can watch that attacks are not blocked in transparent mode. However, they are blocked in the blocking mode. In addition, there are Learning Suggestions which help us to configure the security policy. I think, thanks to the event logs and the Traffic Learning, we can build easily a security policy for protecting web services from advanced attacks with F5 ASM.


Thanks my friends!! Enjoy! Study!
Related Posts Plugin for WordPress, Blogger...

Entradas populares