Forum Discussion
NimbostratusASM in Transparent with Automatic Policy Builder Enabled
Hi Forum,
I just have a question question around using the Auto Policy Builder in transparent mode. As far as I can see there are two ways to do this
1) Build an automatically policy and switch the enforcement of to transparent
2) Build a manual policy / Rapid Deployment and switch the Policy Builder On
What is the best / preferred way to do this, is there any differences
I want to be sure it will not move to blocking until we do this manually, but we need the Auto PB on to make the loosing and tightening decisions.
Thanks for you help in advance
G
1 Reply
GreeceMonkey, this is a great question!
While there is no "one size fits all" answer to this, I have found it's easier to let the policy build automatically so that you don't miss anything (parameters, URLs, etc). That said, here's an article I wrote on policy building and there's some good discussion at the bottom that might help a little bit with this: https://devcentral.f5.com/articles/the-big-ip-application-security-manager-part-2-policy-building.
I hope this helps! John
