Forum Discussion
Arthur_7109
Aug 29, 2012Nimbostratus
Enabling signature staging only for new updates
Hi there,
We have several ASM security policies in blocking mode, with the attack signatures set to blocking, and disabled some that were causing false positives.
We have disabled "Signature Staging".
Now we want to update the signatures, and have the new and modified ones in staging, while keeping the others in blocking mode, so no staging.
That requires enabling staging, but then all signatures are put in staging mode (this is before doing the sig update).
I can workaround that by going to the traffic learning page and "Attack Signature Staging", and manually enforce the signatures.
When after that I update the signatures, only the new/changed ones are in staging, like I wanted.
But this is cumbersome, and I have some 60 such policies.
Is there a better way to achieve this? Enabling signature staging only for new updates, so not putting all existing sigs in staging?
This is for ASM version 9.4 but that may not matter much. And I'll need to do it in version 10.2 later anyway.
Thanks,
Arthur
No RepliesBe the first to reply
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects