sunhux

Hardening for F5 products esp F5 WAF App Security Manager

CIS has hardening guides for various Windows, UNIXes and Cisco switches/routers.
There are hardening guides for Juniper as well.

Now our Audit wants a hardening guide for WAF: we use F5.

Q1:
Can anyone point me to such a hardening guide for F5 WAF?

Q2:
If there's none, any link/authoritative guide indicating it's been
sufficiently hardened (as it's an appliance customized from RHEL 5?)
will be appreciated.

Need a good justification why we don't have a hardening guide in place
for F5 WAF.
SOLUTION
David Favor
This solution is only available to members.
sunhux

ASKER

RHEL5 is probably no longer supported by Red Hat, but the version
of WAF supported by F5 is one of the latest: it's common that many
appliances are customized from older base OS.  I've not heard of
F5 WAF/GTM/LTM that's based on RHEL7, has anyone?

So long as the principal (in this case F5) supports it, that's what matters.
In fact, a number of PABX/voice recorders are based on RHEL5 too.

I know one McAfee NSM appliance was still based on Windows 2003
& McAfee supports it.
SOLUTION
This solution is only available to members.
sunhux

ASKER

A question has been raised: what pre-hardening has F5 done out-of-the-box for this F5 ASM (our model is 4200)?
Any doc / links on this?
ASKER CERTIFIED SOLUTION
This solution is only available to members.