Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral


Questions and Answers

Loading... Loading...

Straight from the manual, yo:

Source IP-Based Client-Side Integrity Defense
Determines whether a client is a legal browser or an illegal script by injecting JavaScript into responses when suspicious IP Implementing Anomaly Detection Configuration Guide for BIG-IP® Application Security Manager™ 6 - 7 addresses are requested. Legal browsers can process JavaScript and respond properly, whereas illegal scripts cannot. The default is disabled.

What actually happens when a client is found to be non-human?  My guess is that the ASM attempts to sort out what's a "good" connection from what's a "bad" connection, where bad means "script", but I'd like a definitive description.

How does this interact with the 'Operation Mode' settings?  Does choosing 'Transparent' override the Prevention Policy settings, limiting the ASM to reporting on the DoS attacks?

If anyone has actually tested the combinations of Operation Mode and Prevention Policy settings, I would love to hear what you found.

Thanks in advance,

R


Be the first one to answer this question!

You must be logged in to reply. You can login here.