Forum Discussion

Phong_Tang_7213's avatar
Phong_Tang_7213
Icon for Altostratus rankAltostratus
Jul 20, 2015

F5 ASM File Type Learn Explicit Entities in Rapid Deployment

Hi gurus   I am configuring ASM Security Policy in Rapid Deployment. The default File Type in this mode is only one "*" with "Never (wildcard only)" in Learn Explicit Entities. I want this Policy...
nathe's avatar
nathe
Icon for Cirrocumulus rankCirrocumulus
Jul 24, 2015

The Rapid Deployment Policy is, in essence, a negative security policy with some positive security policy thrown in. You may have been better using a Manual policy type.

 

Anyway, check your Policy Blocking Settings. In here you will see the full list of violations. You will probably find with RDP you won't have many selected. You will want to select "illegal file type" Learn/Alarm and (optionally) Block. This should populate the Manual Traffic learning as Boneyard mentions above. You'll see the "illegal file type" violation and they'll be listed here.

 

Hope this helps.

 

N