Check1t_282465
Apr 19, 2018

ASM Policy Differential Enabled vs. Staging difference for Policy Signatures

Policy A shows a number of Policy Signatures 'Disabled'. Policy B shows Policy Signatures 'Enabled'. Could someone please confirm that if I go with the Enabled policy, that VIP with said policy will now have those signatures enforced per policy (e.g. if policy is in blocking mode, requests against enabled signature will be blocked).

Thank you!

 

  • The enabled signatures in policy B will be applied to the traffic but blocking requests which match signatures depends on several things:

    1. Policy enforcement mode must be set to Blocking
    2. Signatures must be enforced (staging disabled on each signature)
    3. Attack signatures must have Block checkbox enabled on the Traffic Learning screen

    Scott

  • Sidebar question to my original query regarding Policy A (Policy Signatures Disabled) vs. Policy B (Policy Signatures Enabled). If I take a specific attack signature, and I navigate via Security ›› Application Security : Attack Signatures. Look up specific signature for Policy A, and it details ID, Learning, Staging (No), Learn, Alarm, Block, Enabled status. All good. However, when I attempt to look up signature B, No entries found. If the Policy does not have the Signature, how can it be Enabled???

    Thanks again.
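The three conditions listed in Scott's reply above can be checked per signature before swapping policies on a VIP. The following is an added example, not part of the original thread and not F5 code: the field names, signature IDs and both sample policies are constructed for illustration and do not reflect BIG-IP's export or API schema.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Signature:
    enabled: bool   # signature is Enabled in the policy
    staging: bool   # True while the signature is still in staging
    block: bool     # Block checkbox for attack signatures
    alarm: bool = True

def effective_action(mode: str, sig: Optional[Signature]) -> str:
    """What happens to a request matching this signature under the policy."""
    if sig is None:
        return "not-in-policy"
    if not sig.enabled:
        return "disabled"
    if sig.staging:
        return "staged"  # enabled but not enforced yet
    # All three conditions from the reply must hold for a block.
    if mode.lower() == "blocking" and sig.block:
        return "block"
    return "alarm-only" if sig.alarm else "ignore"

def diff_policies(a: dict, b: dict) -> dict:
    """Return {sig_id: (action_in_a, action_in_b)} where the outcome differs."""
    changes = {}
    for sig_id in sorted(set(a["signatures"]) | set(b["signatures"])):
        act_a = effective_action(a["mode"], a["signatures"].get(sig_id))
        act_b = effective_action(b["mode"], b["signatures"].get(sig_id))
        if act_a != act_b:
            changes[sig_id] = (act_a, act_b)
    return changes

# Constructed sample data: Policy A has its signatures disabled, Policy B enabled.
OFF = Signature(enabled=False, staging=False, block=True)
POLICY_A = {"mode": "blocking",
            "signatures": {1001: OFF, 1002: OFF, 1003: OFF, 1004: OFF}}
POLICY_B = {"mode": "blocking", "signatures": {
    1001: Signature(enabled=True, staging=False, block=True),   # will block
    1002: Signature(enabled=True, staging=True, block=True),    # still staged
    1003: Signature(enabled=True, staging=False, block=False),  # Block unchecked
    1004: OFF,                                                  # unchanged
}}

if __name__ == "__main__":
    for sig_id, (before, after) in diff_policies(POLICY_A, POLICY_B).items():
        print(f"signature {sig_id}: {before} -> {after}")
```

Only signature 1001 in the constructed Policy B ends up blocking; 1002 and 1003 are enabled but fail the staging and Block conditions respectively.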