-
DDOS protection dashboard
There is currently no dashboard displaying the status of the DDOS protection. It would be nice to have some metrics like standard traffic levels, usual attack types, burst absorbed, etc.0
-
Alert policies to target observability HTTP monitors
When configuring an alert policy for an Observability (Synthetic Monitoring) HTTP monitor, there is no way to target alerts from specific HTTP monitors to send notifications to a subset of users. The alert policy applies to all monitors/alerts acr...1
-
limit the file size of uploads
No description provided0
-
Reporting Enhancement for Low and Slow DDoS Attack reporting
Dear all During the troubleshooting of a deployment we were experiencing HTTP response codes of 408, without understanding the reason. Opening a support ticket we were informed that the HTTP POST was identified as a Low and Slow and the 408 was th...0
-
Audit Log Alerting - non-SSO log in
There is a risk concern around the ability of a tenant admin to log in directly or through SSO (Oauth) to our tenant. I would like the ability to alert when a non-SSO log in occurs as we adopt a policy that non-SSO log in is only performed for eme...0
-
renaming the DDoS and Transit services service.
As this service is the only one that has the word DDoS in it, most users (including F5 ones) believe the tenant is not protected against DDoS attacks if the service is not enabled, although F5XC’s load balancers have built-in DDoS protection. This...0
-
allow more than 4 IP Prefix Sets per service policy
Today the console limits the user to 4 IP Prefix Sets per service policy. So for example if you have call centers in the Philippines and other countries and want to allow them through based on IP range instead of allowing the entire country you ca...1
-
Additional fields for security dashboard in `system` namespace
The following information are available in the security dashboard under individual namespace but are missing from the `system` namespace. WAF LB Mode DDOS Detection/Mitigation IP Reputation0
-
Support a new action for malicious user mitigation methods
We currently support CAPTCHA, Block and JS challenge. If we can support 'Header Inserion' as a new action for the malicious user detection feature, customers can consume that the suspicion score in other security devices.
3
-
Add transparent mode (Log Only) on IP Reputation Service
Could be useful to add the transparent mode on the IP Reputation service, to monitor it's behaviour and eventually analyze some False Positive request. Like the monitoring mode on the App Firewall config.1