Forum Discussion

ghost-rider_124

Icon for Nimbostratus rank

Nimbostratus

Feb 17, 2015

ASM Signatures Update

Hello Experts

Should I make signature updates manual or automatic? What is the best practice

ASM Advanced WAF

2 Replies

Max_Q_factor
Cirrocumulus
Feb 27, 2015
Best practices are a matter of opinion. I think getting the signatures into your policy as quickly as possible is a good practice so automatic would be best for that. BUT, you have to be aware of new or updated signatures causing false positives and leave yourself a long enough staging period to review the learning suggestions in order to not create an issue with the protected resources by enforcing potential false positives and denying regular traffic.
boneyard
MVP
Feb 28, 2015
also think about the opposite, signatures that have been changed significantly go to staging. this might mean your expected protection is suddenly different.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

Bram - January 2026 Featured Member

DevCentral News

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

Community Articles

application delivery

container ingress services

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5