•
we will dive into the excitement and necessity of event logging. Throughout this ASM series, we’ve looked at log files from a distance but we never really talked about how to configure logging. I know…event logging might not be the most fascinating part of the ASM, but it’s really important […]
•
Let’s say you are building an awesome web application. You want to have as many visitors as possible, but you want to keep your application safe from malicious activity. The BIG-IP ASM can help secure your application by blocking harmful behavior before it ever gets to your app, but it […]
•
Data Guard As we all know, we need to protect the personal and sensitive information of our users. So back in the day, some super-smart people developed an iRule that scrubs out credit card numbers from HTTP traffic that passes through the BIG-IP (the link to the iRule is here). This […]
•
The ASM can do lots of great things to protect your application, not the least of which is the Geolocation features it offers. Geolocation enforcement allows you to configure which countries can access your web application. The ASM matches the client’s IP address to its physical location and if your […]
•
This article will discuss some really cool ASM features: IP address intelligence and whitelisting. It’s hard to defend against all the crazy cyber threats out there today, so wouldn’t it be nice to know if the IP address requesting access to your application is trusted or not? And, wouldn’t it […]
•
concepts of XML and how the BIG-IP ASM provides security for XML XML Concepts The Extensible Markup Language (XML) provides a common syntax for data transfer between similar systems. XML doesn’t specify how to display data (HTML is used for that), but rather it is concerned with describing data that […]
•
What Is An Attack Signature? Attack signatures are rules and patterns that identify attacks against your web application. When the ASM receives a client request (or a server response), the system compares the request/response to the attack signature associated with your security policy. If a matching pattern is detected, the […]
•
The Importance of File Types, Parameters, and URLs- This third article in the series will discuss the importance of File Types, Parameters, and URLs. It’s no surprise that your web app will include various files, parameters, and URLs. It’s also no surprise that these same files, parameters, and URLs can […]
•
What Is A Security Policy? A security policy is a collection of settings that secures traffic for a web application by determining what traffic can access that application. This policy is the critical and foundational set of rules that will ultimately protect your application. Let’s say you have a web […]
•
The Basics Why A Layer 7 Firewall? Traditional network firewalls (Layer 3-4) do a great job preventing outsiders from accessing internal networks. But, these firewalls offer little to no support in the protection of application layer traffic. As David Holmes points out in his article series on F5 firewalls, threat vectors today […]