Forum Discussion
ASM application security synchronization
When we are talking about an HA environment of two Big IPs with LTM and ASM operating, what would be the difference of the conventional configuration synchronization configuration for the application security synchronization ASM option?
My question is that even without enabling application security synchronization, the settings I had made on the active device had been replicated to standby.
- natheCirrocumulus
Do you mean LTM changes or changes to an ASM policy? For the latter you would need ASM sync setup.
- SergioPontes_36Nimbostratus
OK. I found it strange because I'm in version 14 and even without activating application security synchronization, the policies I created on the active device were replicated to Standby. Is there anything more specific that is updated if I enable application security synchronization?
My question would be this. What is actually synchronized in the ASM module only with traditional HA configurations, and what is synchronized after I enable application security synchronization?
- Simon_BlakelyEmployee
Did you verify that the actual ASM Policy content was synced, or was it just the policy name attached to an empty policy?
An ASM policy consists of an entry in the
, which just tells mcpd that there is an ASM policy of that name, and an ASM database entry. If mcpd sees ASM policy names inbigip.conf
without the matching ASM database policy data, the policies will be auto-created as empty (and transparent) ASM policies.bigip.conf
The actual policy configuration settings are stored by ASM in a mysql database - this is what is managed by ASM policy synchronization.
I suspect that you managed to sync the policy names but not the Policy settings.
Of course, it could be a new issue. - samstepCirrocumulus
you can find the manual on v14.0 ASM sync here
- SergioPontes_36Nimbostratus
Many thanks for you support. I think it has now been well explained.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com