Attack Signatures updates

Question

Should I make policy on our firewall to permit any for F5-source-IP that be used to update attack signatures or there are list of IPs could be used as repository for these updates?&nbsp;
Which recommended IP should be used for attack signature updates? mgmt IP or Self IP? &nbsp;

ashwin_venkat · Answer

Hello Mahmoud,&nbsp;
If you are having the ASM perform signature updates automatically, then that would require your BIG-IP device to have internet connectivity either via the TMM interface or management interface.  Depending on which route it takes, make sure you have the IP range and port 443 specified in this article: https://support.f5.com/csp/article/K15202 allowed through the firewall policy.&nbsp;

Forum Discussion

Attack Signatures updates

Recent Discussions

How to Renew F5 Device Certificate

Use of SSL Decryption.

Big IP DNS Failover

Diameter iRules attachment?

Health Monitor unable to connect to OpenShift Router

Related Content

Live Update- ASM attack signatures

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

Are ASM Attack Signature Updates Cummulative?

Exploit PowerShell, Ransomware Attack Report, Active Cyber Defense, Attack to GPS

Wildcard Parameter signature attack

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS