ASM Policy Deployment Approach?

Question

Hi All,&nbsp;
Need your ASM insights if it is possible that we already block all signatures (in the first place) while learning the composition of the websites automatically? &nbsp;
Note: We asked this because our understanding about ASM signatures is that this is already a well-known attack.*&nbsp;
Based on above, may we know what ASM deployment approach can address our above concern?&nbsp;
Appreciate your urgent reply. Thanks&nbsp;

ltwagnon · Answer

It looks like you are asking if you can use one of the automatic policy building options and turn on blocking for signatures while you are letting the automatic policy learn the application? If so, then you can do that...you will need to make sure signatures are not in staging (put them in blocking mode). Be aware, though, that you may get several false positive blocks if you turn on blocking before the policy is fully aware of your application.

Forum Discussion

ASM Policy Deployment Approach?

1 Reply

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

2026 301a exam

F5OS login with admin/root failed via console

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

UCS Encryption Question

Unblock Request WAF

Related Content

Where are F5's archived deployment guides?

Coordinated Vulnerability Disclosure: A Balanced Approach

F5 BIG-IP deployment with OpenShift - per-application 2-tier deployments

Automating F5 Application Delivery and Security Platform Deployments

BIG-IP Next for Kubernetes Nvidia DPU deployment walkthrough

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS