Forum Discussion
NUT2889
Jan 13, 2020Cirrostratus
Hi,
This is the machanism of ASM to validate cookie.
The BIG-IP ASM system validates these cookies returning from the clients to ensure that the cookies are not modified. In BIG-IP ASM 11.4.0 and later, a random security key is generated uniquely to each deployment and combined with a configurable encryption algorithm to provide a security context for cookie protection.
You can refer more detail over here https://support.f5.com/csp/article/K6850