Last Modified: Oct 15, 2025
Affected Product(s):
BIG-IP APM
Fixed In:
17.5.1.3, 17.1.3
Opened: Jul 23, 2025 Severity: 3-Major
ECA always invokes the kerberos_auth_default profile, even when it’s known that the request will be denied later.
Increasing unnecessary load on apmd, which will cause a performance issue during peak time.
-- SSL Orchestrator Proxy configured with SWG-explicit NTLM ONLY Access Profile
None
ECA will not send a known invalid request to APMD to deny