Forum Discussion
NimbostratusASM Traffic Learning Template Test Use Case for App Team
Hi, For traffic learning for ASM policy, what testing to be done from the application side. Do we have any template excel sheet which can be shared to the application team so that on the basis of this template sheet they can test and f5 can learn the traffic.
regards, Anurag
- boneyard
MVP
in general it is just using all features of the application.
the application team probably knows best what their application can do, so they just have to perform every action possible within the application.
wesleyjackAlso, you can ask the app team if they have some sort of user-acceptance testing. We deal with a ton of websites that have poor documentation, so the app team has no idea about specific parameters or URLs. If you are looking for some specifics while ASM traffic learning is on, here are some thoughts:
- Make sure the app team uses any/all forms, especially those that accept user-input
- If the app/website allows for file uploads, they need to use these
- Structured languages like XML/JSON should be exercised during learning
- Non-browser clients (if used at all) should be used by app team
- If they have any vulnerability scanner make sure they turn it off, or create a learning exception in your policy for the scanner's IP
- If they will be consistently testing from a source IP, or even multiple source IPs, then you can establish those as trusted in your policy to speed up learning
That's all I can think of off-the-top without having much more info about your policy. Also, depending on your tuning, those thoughts may or may not help you with the end results. But hopefully they do!
