Evasion Technique Violation Protection

Overview

Evasion techniques refer to techniques usually used by hackers to attempt to access resources or evade what would otherwise be identified as an attack. Like HTTP compliance, evasion techniques have a list of sub-violations that can be configured for additional granularity and to reduce false positives.

Prerequisites

  • Verify any attached application services to ensure proper security after changes are deployed.

  • You need to have a user role of Security Manager or Administrator to manage a WAF policy.

How to manage evasion technique violations

Evasion technique violations are automatically enabled or disabled on a policy based on your selected template. You can use this process to manually enable or disable violations configured to your policy.

  1. Click the workspace icon next to the F5 icon, and click Security.

  2. From the left menu click Policies under WAF.

  3. Select the name of the policy.

    A panel for the General Settings opens.

  4. From the panel menu, click Evasion Techniques.

    The panel displays evasion technique violations.

  5. Toggle the button next to each violation to enable or disable policy enforcement.

  6. Click Save.

  7. If you have completed your changes to the policy, click Deploy to update associated BIG-IP Next instance(s).

  8. To confirm the deployment, click Deploy.

Resources

Evasion technique protection management using the policy Editor

Edit the WAF policy JSON declaration directly through the WAF policy editor.