Hi Everyone,

I work for an SI. Would like to highlight one of the most core issues with F5 XC.

We know that F5 has one of the most accurate, robust and stringent WAF Engines globally when it comes to BigIP. But when it comes to XC, we have noticed that the WAF detects and flags requests just fine. But when it comes to fine tuning, F5 XC does not show the Request body or the headers and which part of it was flagged just like it does in BigIP.

We know that XC has the capability to do these things but lack of visibility to the administrators makes it difficult to fine tune or correct the false positives. It should be noted that the solution to all false positives / fine tuning cannot always be creation of WAF exclusion rules. Which is why we are compelled to open a Support Case with TAC. It is seen that even the TAC team struggles with interpreting such requests as even they do not have enough visibility on their side.

Thus, we would like to request for the following changes in the Request Tab and Security Analytics Tab:

1. Encoded or Decoded Request Body

2. All HTTP Headers

3. If WAF has blocked something due to an illegal character/parameter, etc it should highlight it and show in the code block or request/response body.