ASM Policy Building

Question

Q1-When Creating Applications , if i choose Deployment Scenario as "Manual" , does this mean that i used Mnaual security policy ? &nbsp;&nbsp;
&nbsp;Q2-When Creating Applications , if i choose Deployment Scenario as "Production" , does this mean that i used Automatic Policy Builder ? &nbsp;
&nbsp;Q3-after finishing the wizard with using deployment scenario as "Production" , the Automatic Policy Builder option wasnot enabled under 
&nbsp;Application security &gt; auto policy building &gt; Configuration but in the same time the GUI showed a message " ASM is detecting traffic" , How come that Auto Policy builder is initiated when using "Production" while Check Box for Auto Builder is not enabled ? &nbsp;
&nbsp;Q4- When using Automatic Policy building , i believe that POlicy Builder will enforce Signatures , URLs ..... after certain period of time , How to know &amp;Control this time ?

sshssh_97332 · Answer

Hi

sshssh_97332 · Answer

Hi  , i need answer for Q3  &amp; Q4

imij_38396 · Answer

hey SSHSSH,  
&nbsp;  
&nbsp; Sorry - i'm not logged into the box at the moment, but there is a place under the ASM policies section that allows you to set the staging time of a policy.  One thing i've grown to making into habbit is always making policies in transparent mode - always - this at least gives me a default window of time before the policy actually goes into production.  I think that amount of time is seven days.  the item you want to look for though is staging time.  i believe if you pull down the asm config pdf file and search on times or staging you'll find it - but, that's what it's called: staging time.  
&nbsp;  
&nbsp; hope this helps.  
&nbsp;  &nbsp;

imij_38396 · Answer

also - after creating policies transparent mode will pick up any security item set to alarm.  for example:  using a simple default policy has certain attack signatures checked as "alarm".  depending on where you have the appliance sitting on your network it will begin to alarm/log items that fail a signature check.

Forum Discussion

ASM Policy Building

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

ASM policy

Lightboard Lessons: BIG-IP ASM Policy Building

Compare two ASM Policies

ASM Policies role based access

ASM Policy Report

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS