Forum Discussion
AubreyKingF5
Moderator
Jun 09, 2023The way I've always approached this is to have a separate VS for every service in Exchange. Only apply the WAF policy to the OWA VS and apply it transparent in learning to understand your traffic and to build policy from it. Once you have your false positives out of the way and you are only seeing attacks, put it in blocking mode.