-
Ability to have TLS fingerprint for User Identification
Because some flood requests come from different IPs, different ASNs and different countries, we need to discriminate the requests more finely with the TLS fingerprint for example.0
-
Export logs to PDF or forward logs to SIEM
For compliance and security monitoring purposes0
-
Add TLS fingerprint as option to block bad actors in the security event actions
Add TLS fingerprint as option to block bad actors in the security event actions. Currently we can only select IP address as options and depending on the case it might be useful to block on TLS fingerprint.0
-
Alert for origin servers that allow connections from the internet and are not locked down to the F5 Distributed Cloud IPs
One of the common mistakes customers behind a WAF solution in the cloud is to forget or to misconfigure their firewalls in a way an attacker can bypass the WAF solution by connecting directly to the origin servers. F5 Distributed Cloud could have ...0
-
Support requests that does not use SNI
We'd like to be able to communicate properly with tools that does not support SNI (here, for an example, our DNS traffic manager), so it would be great if VoltMesh was able to support these requests.0
-
Let multiple tenant owner being added at tenant creation
No description provided1
-
Rewrite the hostname part of the 302 Location header response
When the "Host rewrite" feature is enabled on the HTTP Loadbalancer and the backend server responds with 302 redirects with absolute path Location header (which includes the hostname the was rewritten by the HTTP LB), we need a way to rewrite the ...
0
-
K8s site should support Site Mesh group
Currently K8s sites do not expose IKE's container listeners outside the K8s cluster (NodePort), thus it is impossible to implement a Site Mesh group. The APIs to provision the Site Mesh group work, but the sites are simply not reachable. This is a...0 Planned
-
Add API Rate Limiting as an option to Malicious User Detection
As of today, Malicious User Detection considers the following threats: Forbidden Activity(403) Failed Login Activity WAF Activity IP Reputation When API Rate Limit is configured, l7_policy_event is generated and a HTTP Response Code of 429 is sent...0
-
Add the security events in the alert framework
Customer ***** typically receives attacks with tens of thousands of malicious requests that are correctly detected by voltmesh as security events. However, they need these events to generate alerts, just like error rates, request rates or response...0