Forum Discussion
AltostratusF5 ASM File Type Learn Explicit Entities in Rapid Deployment
Hi gurus
I am configuring ASM Security Policy in Rapid Deployment. The default File Type in this mode is only one "*" with "Never (wildcard only)" in Learn Explicit Entities. I want this Policy to learn all of file type so I changed Learn Explicit Entities to "Add All Entities".
But it not learn other File Type. What can I do?
Regards,
6 Replies
- boneyard
MVP
are you sure you configured and applied the policy? where there actual new hits on the policy? have you check at manual traffic learning if there entries are there?
- boneyard
cant you add them then via the manual learning?
kullwahad_19151Nimbostratus
Hi
Do you affected the ASM politic to a VS ? (with a policie on the ressource parameter of a VS)
Phong_Tang_7213yes. the policy has been assigned to VS
natheCirrocumulus
The Rapid Deployment Policy is, in essence, a negative security policy with some positive security policy thrown in. You may have been better using a Manual policy type.
Anyway, check your Policy Blocking Settings. In here you will see the full list of violations. You will probably find with RDP you won't have many selected. You will want to select "illegal file type" Learn/Alarm and (optionally) Block. This should populate the Manual Traffic learning as Boneyard mentions above. You'll see the "illegal file type" violation and they'll be listed here.
Hope this helps.
N
- boneyard
and to add a final piece i believe the extra file types won't be added automatically to the file types list you will have to do this via the manual traffic learning section.
see also this from the help: "•When the Automated Policy Builder is not running, the system suggests that you add explicit entities that match the wildcard entity."
if all this doesn't help you you might want to explain a bit better and provide some more configuration screenshots to show how the system is setup.
