ASM and ADFS

Question

Hi&nbsp;
I am deploying LTM for balancing ADFS. As ADFS is using https customer has asked if ASM inspection is possible and if it would add any value.&nbsp;
Is anybody able to help answer to this?&nbsp;
Thanks in advance&nbsp;

nathe · Answer

Paul, I haven't done this myself, but my general opinion is if a http(s) service is published on the internet then a WAF will, in most cases, offer some protection and I would recommend it. This would be to prevent against known http rfc violations and general attacks, like xss. &nbsp;
A quick search on ADFS vulnerabilities returned this CVE  which is a XSS vulnerability. So, a WAF in a purely negative model of security would help. &nbsp;
Hope this helps,&nbsp;
N&nbsp;

Forum Discussion

ASM and ADFS

1 Reply

Recent Discussions

F5 terminal - help to run commands - disk space full

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Related Content

ADFS Proxy, APM, ASM Craziness

ADFS Proxy Replacement on F5 BIG-IP

ADFS WAP servers failed to establish trust with ADFS 2019 servers using internal vip

Big-IP and ADFS Part 5 – “Working with ADFS 3.0 and SNI”

ASM logs