Forum Discussion

Nimbostratus

Jun 25, 2016

mitigation of brute force attacks using ASM for lync autodiscover

Hi we do use LTM as reverse proxy to publish lync autodiscover service externally. however it cause a security issue as any person can download lync mobile client and cause account lockout after mult...

Employee

Jun 27, 2016

You might be able to do this, but the general consensus from most of my colleagues is that this is generally a bad idea. Lync is only partially HTTP and the ASM will simply refuse to pass any traffic that is not RFC compliant HTTP traffic. You might be able to protect the authentication, but you will still need an iRule to disconnect the ASM once that's done.

Also be aware that our Brute Force protection protects a specific URL, so you will need to know which page Lync is trying to hit for authentication.

Forum Discussion

mitigation of brute force attacks using ASM for lync autodiscover

Recent Discussions

Rundeck ansible F5 errors

What is the meaning is 52% block in WAF

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

Mitigating OWASP Web Application Risk: SSRF Attack using F5 XC Platform

Mitigating OWASP Web Application Risk: Broken Access attacks using F5 Distributed Cloud Platform

The HTTP/2 CONTINUATION frame attack

F5 Distributed Cloud L3-L7 DDoS Mitigation