Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

F5 Big-IP ASM - Best Practice

Hello everyone,

I need to review the configuration of an F5 ASM. I didn't find any security best practice nor checklist to review the key aspects of the ASM module.

Does a document describing the best practice exists ?

Regards,

EM

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

There is no single document describing best practices for ASM implementations due to the wide variances in web applications and architectures. The best approach is to identify recommended practices for your needs. It is a tremendously powerful web application firewall which can be phased into production from a relatively simple start to a very sophisticated protection system. A few key questions you should be able to answer before you attempt to configure anything: How many applications do you have to protect? How complex are the applications--specifically the building blocks of the apps such as file types, URLs, parameters, and route domains. How often do the applications change? Do you have access to the application developers to help you review the ASM security policies after system is in place? How much time overall do you have to devote to the daily operation of ASM? Do you have known vulnerabilities that you would like to secure first? Starting with the Rapid Deployment template, or by using the automatic policy builder, you can achieve different levels of comprehensive security.

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

One thing I should have added is that an operations guide for ASM is in the works. Stay tuned.

0
Comments on this Answer
Comment made 06-Jun-2016 by Sadorect 395
I came here looking for the same answers. Please, is the Operations Guide available now...or in the near future? Thanks
0