Forum Discussion
Peter_Baumann
Cirrostratus
CirrostratusASM: What is "Passive Deployment Policy" Template?
Hi all, In ASM v13.1.0 I try to figure out what the Passive Deployment Policy Template is exactly for.
I could not find any information in the documentation about it.
Also since v13 it is not possible to change the policy type after creation of a policy.
Does someone know where the v13.1.0 ASM "Generic Templates" are documented?
I know the Operations Guide for ASM, but it includes only a very basic description of the policy templates.
v13.1.0 Generic Templates:
* API Security
* Comprehensive
* Fundamental
* Passive Deployment Policy
* Vulnerability Assessement Baseline
Thanks for your help,
Peter
Erik_NovakEmployee
To clarify the documentation a bit, in passive mode, ASM analyzes a copy of the traffic but does not modify it. It cannot enforce any actions, but can log events and display reports. This method is non-intrusive and does not require configuring any VLANs or IP addresses. The use case for this is customers evaluating our products with minimal risk, no performance impact, and in need of quick deployment. A policy based on the Passive Deployment Template is recommended in this scenario because it cannot impact traffic.
youssef1Cumulonimbus
Hi Peter,
It can help you: https://support.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-13-1-0/44.html
I think you ca use it for Working with Passive Monitoring...
Regards