Forum Discussion

Nimbostratus

May 04, 2016

Using ASM to scan served content

I have a multi-user web serving environment where content is uploaded via sftp. I need to scan served content for keywords and block if any keywords are matched. I'm attempting to use a custom attack...

Employee

May 06, 2016

The ASM is an HTTP web application firewall. It can scan outbound HTTP traffic so long as the traffic is not encrypted as it passes through the BigIP. It cannot scan FTP traffic. SFTP traffic is a larger problem, as it is not only FTP rather than HTTP traffic, it is encrypted, and the BigIP does not have a good way to decrypt it.

If you are trying to scan HTTP traffic being served you need to configure Dataguard. Dataguard's entire purpose in life is to get the ASM to block outbound traffic that matches sensitive data. You can read about dataguard here: https://support.f5.com/kb/en-us/solutions/public/8000/300/sol8363

Forum Discussion

Using ASM to scan served content

Recent Discussions

Disk space full - what files, folders are safe to delete?

ASM instance creation

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

Related Content

iRule to serve security.txt file - RFC 9116

Gzip content when using HTTP::respond

Re: 01 - Visualization of F5 BIG-IP metrics on Grafana using Prometheus and Telemetry Streaming serv

Serving or browsing iFiles

Layer 7 Content Routing in F5 XC