AndOs
Dec 20, 2016Cirrostratus
Security considerations for APM portal access
Security considerations for APM portal access
We are publishing an application through APM with a portal access for the first time.
With no ASM in front, are there any security aspects we should consider for the actual "portal delivery"?
We can't do much about the application being published, but perhaps there are settings we should adjust that's not set out of the box for a portal app?
We've already set ACLs as described in theese posts
https://devcentral.f5.com/questions/portal-access-security-problem-manipulation-with-hex-string-in-url-mangle-allows-access-to-any-internal-website-how-to-restrict
https://devcentral.f5.com/articles/apm-security-protecting-internal-resources-using-acls
Is there anything else we should set as a best practice?
Any advice appreciated!
Thanks
/Andreas