ASM 11.1 IP Whitelist/Blacklist

Question

Is there a way to whitelist an IP address or a range of IPs on ASM 11.1? What about the IP Enforcer, does that work for blacklisting only?&nbsp;
 &nbsp;
Thanks,&nbsp;

mike_maher · Answer

So IP Enforcer is not a whitelisting or blacklisting tool, it is actually designed to detect IP addresses that are tripping multiple violations over a short period of time. So really to detect something like scanning of the web application.&nbsp;
&nbsp;
I don't think there is anything in 11.1 but starting in 11.2 they introduced IP Exceptions which would allow to whitelist an IP or subnet for multiple different ASM protections in one place.&nbsp;
https://support.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-11-2-0/2.html?sr=27686485&nbsp;
You can do this under certian individual protection in prior versions.&nbsp;
&nbsp;
What is it that you are trying to whitelist an IP or subnet from getting caught under on the ASM?&nbsp;

magno_logan_568 · Answer

Hi Mike, 
&nbsp;  
&nbsp; Thanks for the clarification. Yeah, I heard 11.2 has the IP exceptions feature. I'm trying to whitelist a subnet from getting caught under a specific policy to avoid creating a lot of false positives because this subnets runs some constant scans on the website, by scan a mean just a regular request from time to time, not like a vulnerability scanning. I think I'll have to update my ASM. 
&nbsp;  
&nbsp; Thanks a lot!

Forum Discussion

ASM 11.1 IP Whitelist/Blacklist

2 Replies

Recent Discussions

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

Global Blacklist or Whitelist

ASM logs

ASM LOGS

File upload and ASM

File Uploads and ASM