ASM Deployment

diagram_05.png

API Security

Manual Chapter v13.1.0: Implementing Web Services Security
Manual Chapter v13.1.0: Creating Parent and Child Security Policies

Fundamental, Enhanced, Comprehensive

German equivalents of the three policy types: Fundamental = Grundlegend, Enhanced = Verbessert, Comprehensive = Umfassend

The following is the policy-type comparison from the v12 UI (Security – Application Security : Policy Building : Learning and Blocking Settings, Policy Type). The UI shows it as three columns, one per policy type, where each type enables everything the previous one does plus the checks listed under it.

Fundamental

  • HTTP Protocol Compliance
  • Evasion Techniques
  • Learn New File Types + Lengths
  • Learn New Parameters in selective mode at Global level
  • Methods
  • Attack Signatures
  • Request length exceeds defined buffer size
  • Host Names
  • Failed to convert character
  • Learn New Redirection Domains
  • Bad WebSocket handshake request
  • Failure in WebSocket framing protocol
  • Mask not found in client frame
  • Null character found in WebSocket text message
  • Illegal websocket frame length
  • Illegal number of frames per message
  • Illegal binary message length
  • Illegal WebSocket extension

Enhanced
Fundamental plus:

  • Learn New URLs in selective mode + Meta Characters
  • Learn New Parameters in selective mode + Lengths, at Global level
  • Learn New Cookies
  • Content Profiles
  • Bad WebSocket handshake request
  • Failure in WebSocket framing protocol
  • Mask not found in client frame
  • Null character found in WebSocket text message
  • Illegal websocket frame length
  • Illegal number of frames per message
  • Illegal binary message length
  • Illegal WebSocket extension
  • Illegal cross-origin request
  • Plain text data does not comply with format settings

Comprehensive
Enhanced plus:

  • Learn New URLs + Meta Characters, Classify Request Content
  • Learn New Parameters + Lengths, at URL level, Classify Value Content
  • Parameter Meta Characters
  • Dynamic Parameters: Using Statistics
  • CSRF URLs
  • Header Length
  • Cookie Length
  • Bad WebSocket handshake request
  • Failure in WebSocket framing protocol
  • Mask not found in client frame
  • Null character found in WebSocket text message
  • Illegal websocket frame length
  • Illegal number of frames per message
  • Illegal binary message length
  • Illegal WebSocket extension
  • Illegal cross-origin request
  • Plain text data does not comply with format settings
  • Binary content found in text only WebSocket
  • Text content found in binary only WebSocket
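The WebSocket rows in the table above are protocol-level checks from RFC 6455: a client-to-server frame must carry the mask bit and a 4-byte masking key, frame sizes and the number of fragments per message are bounded, text messages must not carry NUL bytes, a text-only profile rejects binary opcodes, and the upgrade handshake must carry a valid Sec-WebSocket-Key, version 13, an allow-listed Origin and only negotiated extensions. The following is an added example written for this page, not F5's or ASM's own code, that implements those checks as a small handshake and frame validator so each violation label maps to a concrete wire condition. The limits (MAX_FRAME_LEN, MAX_FRAMES_PER_MESSAGE, ALLOWED_ORIGINS, ALLOWED_EXTENSIONS, TEXT_ONLY), the function names and the sample frames are assumptions chosen for the demo, not ASM defaults.

```python
"""Toy validator for the WebSocket violation classes listed in the policy-type table.
Added example for this page; not F5 code. Limits below are assumed demo values."""
import base64
import struct

# Assumed limits standing in for a policy's WebSocket profile settings (not F5 defaults).
MAX_FRAME_LEN = 4096
MAX_FRAMES_PER_MESSAGE = 4
ALLOWED_EXTENSIONS = set()                    # no extensions negotiated
ALLOWED_ORIGINS = {"https://app.example.com"} # constructed origin allow-list
TEXT_ONLY = True                              # profile accepts text messages only


def check_handshake(headers):
    """Return the violations found in a client upgrade request's headers
    (a dict keyed by lower-case header name)."""
    violations = []
    try:  # Sec-WebSocket-Key must be base64 of exactly 16 random bytes
        key_ok = len(base64.b64decode(headers.get("sec-websocket-key", ""), validate=True)) == 16
    except ValueError:  # binascii.Error is a ValueError subclass
        key_ok = False
    if (headers.get("upgrade", "").lower() != "websocket"
            or "upgrade" not in headers.get("connection", "").lower()
            or headers.get("sec-websocket-version") != "13"
            or not key_ok):
        violations.append("Bad WebSocket handshake request")
    # Design choice: Origin is optional (non-browser clients); when present it must be allow-listed.
    origin = headers.get("origin")
    if origin is not None and origin not in ALLOWED_ORIGINS:
        violations.append("Illegal cross-origin request")
    for ext in headers.get("sec-websocket-extensions", "").split(","):
        name = ext.split(";")[0].strip().lower()  # drop parameters such as client_max_window_bits
        if name and name not in ALLOWED_EXTENSIONS:
            violations.append("Illegal WebSocket extension")
            break
    return violations


def build_frame(opcode, payload, fin=True, mask_key=None):
    """Build one RFC 6455 frame. mask_key=None yields an unmasked frame (illegal from a client)."""
    head = bytes([(0x80 if fin else 0) | opcode])
    mask_bit = 0x80 if mask_key else 0
    length = len(payload)
    if length < 126:
        head += bytes([mask_bit | length])
    elif length < 65536:
        head += bytes([mask_bit | 126]) + struct.pack("!H", length)
    else:
        head += bytes([mask_bit | 127]) + struct.pack("!Q", length)
    if mask_key:
        head += mask_key
        payload = bytes(b ^ mask_key[i % 4] for i, b in enumerate(payload))
    return head + payload


def parse_frame(data, offset=0):
    """Parse the frame at offset; return (fin, opcode, masked, unmasked_payload, next_offset)."""
    if offset + 2 > len(data):
        raise ValueError("truncated frame header")
    b0, b1 = data[offset], data[offset + 1]
    fin, opcode, masked, length = bool(b0 & 0x80), b0 & 0x0F, bool(b1 & 0x80), b1 & 0x7F
    pos = offset + 2
    if length == 126:
        (length,), pos = struct.unpack_from("!H", data, pos), pos + 2
    elif length == 127:
        (length,), pos = struct.unpack_from("!Q", data, pos), pos + 8
    key = b""
    if masked:
        key, pos = data[pos:pos + 4], pos + 4
    payload = data[pos:pos + length]
    if len(payload) != length:
        raise ValueError("truncated frame payload")
    if masked:
        payload = bytes(b ^ key[i % 4] for i, b in enumerate(payload))
    return fin, opcode, masked, payload, pos + length


def check_client_frames(data, text_only=TEXT_ONLY):
    """Walk a byte stream of client-to-server frames and return the violations found."""
    violations = []
    offset, frames_in_message, message_opcode = 0, 0, None
    while offset < len(data):
        fin, opcode, masked, payload, offset = parse_frame(data, offset)
        if not masked:
            violations.append("Mask not found in client frame")
        if len(payload) > MAX_FRAME_LEN:
            violations.append("Illegal websocket frame length")
        if opcode not in (0x0, 0x1, 0x2):   # close/ping/pong are not part of a data message
            continue
        if opcode == 0x0:                   # continuation of the current message
            frames_in_message += 1
        else:                               # first frame of a text (0x1) or binary (0x2) message
            message_opcode, frames_in_message = opcode, 1
        if frames_in_message > MAX_FRAMES_PER_MESSAGE:
            violations.append("Illegal number of frames per message")
        if message_opcode == 0x2 and text_only:
            violations.append("Binary content found in text only WebSocket")
        if message_opcode == 0x1 and b"\x00" in payload:
            violations.append("Null character found in WebSocket text message")
        if fin:                             # message complete; reset fragment tracking
            message_opcode, frames_in_message = None, 0
    return violations


if __name__ == "__main__":
    key = b"\x12\x34\x56\x78"  # constructed mask key
    samples = {  # constructed client frames
        "masked text": build_frame(0x1, b"hello", mask_key=key),
        "unmasked text": build_frame(0x1, b"hello"),
        "text with NUL": build_frame(0x1, b"a\x00b", mask_key=key),
        "binary on text-only profile": build_frame(0x2, b"\x00\x01", mask_key=key),
        "oversized frame": build_frame(0x1, b"x" * 5000, mask_key=key),
    }
    for name, frame in samples.items():
        print(f"{name}: {check_client_frames(frame) or 'ok'}")
```

The violation strings deliberately reuse the table's labels so the mapping is explicit; control frames (ping, pong, close) interleaved inside a fragmented message are allowed, as the RFC permits, and only data frames count toward the per-message fragment limit.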

https://devcentral.f5.com/questions/asm-confusion-about-wildcard-selective-all-entities-49185
-> “Add All Entities Creates a comprehensive whitelist policy that includes all web site entities”

Learning Schemes to build a policy

BIG-IP ASM Policy Builder updates

BIG-IP 13.0

Updates to Policy Builder in BIG-IP 13.0 include the following enhancements:

BIG-IP 12.0

There are several updates to Policy Builder in BIG-IP 12.0, including the following:


Revision #2
Created 17 March 2021 05:26:54
Updated 20 September 2022 09:58:29