Manual : BIG-IP Application Security Manager: Implementations

Applies To:

  • BIG-IP ASM

    21.0.0, 17.1.3, 17.1.2, 17.1.1, 17.1.0, 17.0.0

Adding Entities to a Security Policy

Adding JSON Support to an Existing Security Policy

Adding Server Technologies to a Policy

Automatically Synchronizing Application Security Configurations

Changing How a Security Policy is Built

Changing Security Policy Settings

Configuring ASM with Local Traffic Policies

Configuring Bot Defense

Configuring DoS Policy Switching

Configuring General ASM System Options

Configuring HTTP Headers that Require Special Treatment

Configuring Security Policy Blocking

Configuring What Happens if a Request is Blocked

Connection Mirroring With ASM

Creating Login Pages for Secure Application Access

Creating Security Policies for AJAX Applications

Disallowing Application Use at Specific Geolocations

Displaying Reports and Monitoring ASM

Fine-tuning Advanced XML Security Policy Settings

Implementing Web Services Security

Integrating ASM and APM with Database Security Products

Integrating ASM with Database Security Products

Legal Notices

Logging Application Security Events

Maintaining Security Policies

Managing IP Address Exceptions

Manually Synchronizing Application Security Configurations

Masking Credit Card Numbers in Logs

Mitigating Brute Force Attacks

Mitigating Open Redirects

Mitigating Server-Side Request Forgery

Monitoring ASM System Resources

Preventing DoS Attacks on Applications

Preventing Session Hijacking and Tracking User Sessions

Protecting Sensitive Data with Data Guard

Refining Security Policies with Learning

Securing Applications That Use WebSocket

Securing FTP Traffic

Securing SMTP Traffic

Securing Web Applications Created with Google Web Toolkit

Setting Up Cross-Domain Request Enforcement

Setting Up IP Intelligence Blocking

Supporting HTTP Multipart Batch Requests

Synchronizing Application Security Configurations Across LANs

Updating Security Components

Using Shun with Layer 7 DoS

Viewing DoS Reports, Statistics, and Logs

Working with Anti-Bot Mobile Application SDK

Working with OpenAPI

Working with Passive Monitoring

Working with Security Policy Microservices

Working with Violations