AWAF automatic-learning poisoning estimator

How many requests does an attacker need to drill a hole through your BIG-IP Advanced WAF policy when the Policy Builder is left in Automatic learning against untrusted traffic? Enter your Loosen thresholds and the attacker's resources; it computes the minimum sources, requests, and time to force one automatic relaxation, and gates on the rules that make it impossible. Runs entirely in your browser.

Security & WAF

Your Policy Builder Loosen configuration

The attacker

Computed in your browser. Nothing is sent.

A deterministic model of F5's documented Policy Builder behaviour, not a probe. It never contacts a BIG-IP. Read your policy's real Loosen thresholds from Security > Application Security > Policy Building > Learning and Blocking Settings.

Drillable: this configuration can be relaxed automatically. Minimum attacker effort:

10distinct source IPs
10+requests (lower bound)
24 hminimum elapsed time

What the docs say

  • In Automatic mode, a suggestion that reaches a 100% learning score is accepted and enforced with no human in the loop — including suggestions that disable a violation or widen an entity.
  • At rating 3, F5 slows learning and requires more different sources and sessions before it relaxes. The higher the rating, the more expensive the poisoning.
  • Trusted clients relax the policy with as little as one session; untrusted traffic needs many more distinct sources over a period. That asymmetry is the anti-poisoning design.
  • This request count is a documented lower bound (one distinct hit per required source/session). A real campaign needs more, because the pattern must recur to raise the score.

How to close it

  • Set Learning Mode to Manual (or Disabled) so no suggestion is applied without a human accepting it. This is the clean default for production.
  • Loosen only from trusted traffic where the option exists (Track Site Changes), and build policies from a known-good Trusted IP range rather than live untrusted traffic.
  • Raise the untrusted Loosen thresholds (different sources, sessions, time spread) so untrusted traffic effectively never relaxes the policy during the learning period.
  • Never put internet-reachable or attacker-reachable ranges in the Trusted IP list — trusted traffic relaxes the policy with a single session.
  • Once the policy is built and stable, disable automatic policy building (or Track Site Changes) so the policy stops learning from live traffic.

This scenario loosens from untrusted traffic in Automatic mode — the exact configuration to avoid on an internet-facing policy.

API endpointGEThttps://ronutz.com/api/v1/f5-awaf-learning-poisoning-estimatorDocumented, not served. Opens the specification.

References