Forum Discussion
MVPF5 AWAF/ASM learning only from Trusted traffic?
I found this nice option "Only from Trusted Traffic" for the Policy Builder but this is seems to relevant only after the learning period has passed. I did increase the thresholds to the max possible value 1000000000 under "Loosen Policy" for "Untrusted Traffic "as to never learn from not trusted IP addresses in the initial learning period that is 7 days.
I think that is the correct way ? I would have been nice to have a global option or option under "Loosen Policy" to learn from "Only from Trusted Traffic" like in "Track Site ".
2 Replies
- Daniel_Wolf
Hey Niki,
not sure if I get your request right, but the learning score should go to 100% if the request comes from a trusted IP.
Depending on the Learning Mode (Automatic / Manual) they should be automatically approved.
As for the Trusted Traffic you could set days to .0001 day(s), which is ~9 seconds.Cheers
Daniel
- Nikoolayy1
Hey Daniel_Wolf I want only to learn from trusted traffic (coming from trusted IP address ) in the initial stage and after that after the policy is stable.
The 0001 day(s), which is ~9 seconds. is not a bad idea for optimizing the learning from trusted traffic.
