Forum Discussion

Cirrus

Jul 24, 2017

ASM best practices and web application updates

Hello! Could anyone kindly elaborate how the ASM detects web application changes when the application has been upgraded and has changed - does it detect new variables/parameters (that have been ...

application delivery

ASM Advanced WAF

asm best practices

changes in web application

security

upgrading web application

samstep

Cirrocumulus

Jul 30, 2017

Actually I believe the best practice is to never switch the policy to transparent mode in Production. The second you do that - you disable your protection and leave the application exposed to attacks.

What you do is let the policy learn all the application changes in TEST environment - test it with your QA team and verify the changes with application developers to make sure the policy does not block good traffic, then export the policy out of test environment's ASM and import it into the Production ASM.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

ASM best practices and web application updates

Recent Discussions

Is a Dedicated Interface, VLAN, and Self IP Required for a VIP in an F5 Configuration?

question about getting hsl data to be formatted properly in splunk

Problem with lets encrypt and redirect after update

where can find silverline ddos protect config guide?

iRule for client certificate verification and inserting CN

Related Content

Are ASM Attack Signature Updates Cummulative?

HA recommended best practices

101 - Application Delivery Fundamentals

Partial Updates to Metadata for GTM and LTM

iWorkflow application deployment issue

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS