Automatic vs manual deployment

Question

Hi all,&nbsp;
What are the differences between deploying a policy automatically and manually? I guess the main difference is the Policy builder stage in the automatic mode which allows delete false positives before enforcing the policy. On the other hand, in the manual deployment it's also possible to delete false positives using the transparent mode during a determined period of time. &nbsp;
My questions are:
- Are there more differences between a manual and an automatic deployment?
- Based on your experience, when would be recommendable to use manual or automatic deployment?
- After enforcing an automatic deployment, are only protected the url's and parameters learnt during the Policy builder or are all the parameters protected such in the case of manual deployment?&nbsp;
Thanks in advance&nbsp;

yann_desmarest_ · Answer

Hello,&nbsp;
The Policy Builder and the staging/learning process is not really the same.&nbsp;
You can deploy a security policy manually with staging of signatures and urls, parameters, file types. This will allow you to fine tune you policy based on the application.&nbsp;
With Policy Builder, the engine build and fine tune the whole security policy. At the end, you should not have so much fine tuning to do.&nbsp;

yann_desmarest · Answer

Hello,&nbsp;
The Policy Builder and the staging/learning process is not really the same.&nbsp;
You can deploy a security policy manually with staging of signatures and urls, parameters, file types. This will allow you to fine tune you policy based on the application.&nbsp;
With Policy Builder, the engine build and fine tune the whole security policy. At the end, you should not have so much fine tuning to do.&nbsp;

albert_252822 · Answer

Hi Yann,

But what happens if some parameters or urls aren't accessed during the learning with Policy builder, will the Policy builder evaluate them and included them on that "automatic fine tunning"?

albert_252822 · Answer

Hi Yann,

But what happens if some parameters or urls aren't accessed during the learning with Policy builder, will the Policy builder evaluate them and included them on that "automatic fine tunning"?

Forum Discussion

Automatic vs manual deployment

4 Replies

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

Where are F5's archived deployment guides?

F5 rSeries: Next-Generation Fully Automatable Hardware

Decrypting BIG-IP Packet Captures Automatically

Automating F5 Application Delivery and Security Platform Deployments

F5 BIG-IP deployment with OpenShift - per-application 2-tier deployments

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS