F5 ASM - DoS protection and local traffic policies
Hi experts.
I successfully managed to segregate ASM policies for different FQDNs that coexist on the same VIP (using Local Traffic Policies and "Host Header" as a classifier). The default rule within Local Trafic Policy is to disable ASM and DOS protection except for traffic destined to: * www.site1.com * www.site2.com
What is your recommendation on building tailored DOS profiles for FQDNs (that reside on same VIP)? Should each FQDN site require its own DOS and ASM policies in order to keep statistics unique for particular site? The corresponding ASM rule-set would be:
RULE1: NAME: www.site1.comConditions: http-host host equals www.site1.comActions: asm enable policy ASM1, l7dos enable DOS1
RULE2: NAME: www.site2.comConditions: http-host host equals www.site2.comActions: asm enable policy ASM2, l7dos enable DOS2
RULE3: NAME: defaultActions: asm disable, l7dos disable
What is the DOS security policy that is to be applied on VIP (itself) in such scenario?
Thank you!!