Forum Discussion
boneyard
MVP
Oct 14, 2019APM isn't really a WAF, it is an authentication module.
and trying to stop APM from getting detected will be impossible in my opinion. the whole setup with the my.policy and such is hard coded, the login page contains lots of finger printable information.
you will need to do some extreme things to make this happen, i wouldn't pursue it. just keep your BIG-IP updated and keep an eye out for security alerts.