For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

tiwang's avatar
tiwang
Icon for Nimbostratus rankNimbostratus
Jun 14, 2013

Enforce Attack Signature in ASM

Hi out there   I have a problem which might be pretty simple - and probably caused by insufficent knowledge of the system - but - I have a couple of F5's where I have had a security policy running...
config
design
Martijn_65080's avatar
Martijn_65080
Icon for Cirrus rankCirrus
Aug 19, 2013

I think the Signature is already enforced when you have the policy set to blocking.

 

The page you mention allows you to disable the Sig or disable the Sig on parameters, but actually says that traffic hitting the signature has already been detected. This is probably so due to the fact the policy is still in learning/staging mode and ASM will allow you to change the settings for signatures that have already been detected.

 

So depending on the policy being set to blocking or transparant this sig will be blocked already.

 

Regards,

 

Martijn