Forum Discussion

Kuldeep22's avatar
Kuldeep22
Icon for Altostratus rankAltostratus
Jun 27, 2024

ASM-legitimate traffic

I'm new to ASM, and I have a security policy that's causing blocking of my legitimate traffic. How can I resolve this issue?

  • Hi, 
    You need to let your ASM policy get a sufficient period of learning to avoid most of false positives or blocking legitimate traffic. 

    Please have a look in this article: https://techdocs.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-12-1-0/23.html

     

    Also, I recommend this AWAF Demos from F5: https://youtube.com/playlist?list=PLZmbPz-KgDtgJLfsdLmSHIXyv0TlQ-CJj

    it will enhance your skills in AWAF by showing you most of AWAF Use cases and how to implement them.

  • learning for sure is a good way to prevent this if you have the environment for it.

     

    when you now have something blocked which shouldn't be blocked you have to find to configuration which causes the block and change that. Where and how exactly differs from block reason to block reason. so can you share the message associated with the block in the ASM logs.

     

    which TMOS version are you running?

     

    also be sure to check with other employees working on this and having a chat with your F5 partner (or the demo's pointed out in the other post), getting ASM explained will help a lot then trying to find out everything yourself in production.