Forum Discussion

Cirrus

Jul 24, 2017

ASM best practices and web application updates

Hello! Could anyone kindly elaborate how the ASM detects web application changes when the application has been upgraded and has changed - does it detect new variables/parameters (that have been ...

application delivery

ASM Advanced WAF

asm best practices

changes in web application

security

upgrading web application

samstep

Cirrocumulus

Jul 30, 2017

Actually I believe the best practice is to never switch the policy to transparent mode in Production. The second you do that - you disable your protection and leave the application exposed to attacks.

What you do is let the policy learn all the application changes in TEST environment - test it with your QA team and verify the changes with application developers to make sure the policy does not block good traffic, then export the policy out of test environment's ASM and import it into the Production ASM.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

ASM best practices and web application updates

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

AS3 Best Practice

Introducing the F5 Application Study Tool (AST)

Security Best Practices for F5 Products

F5 Certified Practice Exams

Cipher Suite Practices and Pitfalls

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS