Forum Discussion
ASM-legitimate traffic
I'm new to ASM, and I have a security policy that's causing blocking of my legitimate traffic. How can I resolve this issue?
Hi,
You need to let your ASM policy get a sufficient period of learning to avoid most of false positives or blocking legitimate traffic.
Please have a look in this article: https://techdocs.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-12-1-0/23.htmlAlso, I recommend this AWAF Demos from F5: https://youtube.com/playlist?list=PLZmbPz-KgDtgJLfsdLmSHIXyv0TlQ-CJj
it will enhance your skills in AWAF by showing you most of AWAF Use cases and how to implement them.
learning for sure is a good way to prevent this if you have the environment for it.
when you now have something blocked which shouldn't be blocked you have to find to configuration which causes the block and change that. Where and how exactly differs from block reason to block reason. so can you share the message associated with the block in the ASM logs.
which TMOS version are you running?
also be sure to check with other employees working on this and having a chat with your F5 partner (or the demo's pointed out in the other post), getting ASM explained will help a lot then trying to find out everything yourself in production.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com