Checklist Of WAF

Question

Hi,&nbsp;
I work as an engineer in one of the agencies, We will receive two devices  LTM LOUDblancer &amp; WAF From a partner company F5&nbsp;
I have to check the equipment before I receive it, Is there a checklist to help me do this?&nbsp;
I want to make sure the service is safe and the settings are good&nbsp;

samstep · Answer

Are these hardware F5 devices that you are getting or virtual ones? Who ordered them and specified the requirements? The best way is to ask these people if configuration matched the defined requirements. If it is F5 ASM (WAF) you are getting and an external company has configured it to protect your web site/web application the best way to check if WAF protection is working is to compare penetration testing results before and after the WAF installation.&nbsp;
If you have never worked with F5 and will now be responsible for it the best way forward is to get training (instructor-led or online). More information is available here: https://www.f5.com/services/training&nbsp;
A good place to start is this article (First 30 days with F5):&nbsp;
https://devcentral.f5.com/articles/your-first-30-days-with-big-ip-24593&nbsp;

Forum Discussion

Checklist Of WAF<M profisinal service

1 Reply

Recent Discussions

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Related Content

7 Steps Checklist before upgrading your F5 BIG-IP

This Month In Security: Ep. 16 - Nov. - Identity Threat Report, AI Security & Governance Checklist

Security checklist for VCMP

Post of the Week: BIG-IP Upgrades

Re: Troubeshooting website connection