XML parsing by XML firewall
Good day.
I have a financial application behind my F5 (i2800) and I need to search specific fields in XML body of requests/responses to/from this application and log theese pairs (one value from request, another - from corresponding response) to the remote HSL. Such a simple anti-fraud system.
I know this can be done via iRule, but can I use XML firewall in ASM to realize it?
I don't want to use an iRule because it's not scalable and number of these pairs of XML fields I need to parse and log will grow quite rapidly.
Thank you.
You can DEFINITELY use ASM / AWAF to inspect XML. ASM has an option to upload a WSDL to build policy from when you're doing explicit XML firewalling. The only thing that a true-to-form XML Firewall does that ASM does not is XML transformation. This may have changed in more recent AWAF versions, unbeknownst to me.