ASM signature update enforcement

Question

Hi guys,&nbsp;
We have ASM policies in blocking mode and realtime policy building disabled on them.
Now my question is when there are new signature as a result of update, would them be enforced at any point of time? I understand they will be put in staging after signature update, but I am not sure if they are taken out of staging if we have the policy building disabled? Can you please advise?&nbsp;
Thanks in advanced&nbsp;

nathe · Answer

RasGhz, the new signatures (and optionally updated ones too if you check the box) will be in Staging until the Enforcement Readiness Period (default is 7 days) is over and there have been no violations on them. At this point you will need to remove them from staging by selecting Enforce. If there were any ones that did trigger a violation  you need to double check whether it was a true positive - and Enforce - or a false positive - disable the signature.&nbsp;
So, to confirm, it is not an automatic process. &nbsp;
Hope this helps,&nbsp;
N&nbsp;

Forum Discussion

ASM signature update enforcement

Recent Discussions

irule to enable http/2 acceleration

Service discovery is not happening in AS3

How to implement LTM forward proxy client to determine the diversion pool based on the domain name

FTP PASV mode to Extended Passive mode

Oracle JDBC SSL Termination failing on F5

Related Content

BoT Defense Profile, Signature Enforcement

Live Update- ASM attack signatures

Using bash and tmsh to make bulk updates

export "ready to be enforced" signature list

Automate ASM "Ready to Be Enforced" Attack Signatures

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS