Forum Discussion

Nimbostratus

Feb 09, 2010

How to handle ASM in HTTP_CLASSes

Hi. We're having some issues setting up our ASM, as it behaves quite strangely. First, I'll try to explain our setup: We have various VirtualServers (VS) and we use HTTP_C...

app sec

BIG-IP Access Policy Manager (APM)

security

hoolio

Cirrostratus

Feb 12, 2010

Hi Markus,

Thanks for clarifying. If you want to do pool selection and use ASM validate the traffic, you can enable ASM on each HTTP class. This would require separate ASM web apps for each class. If you want to use one policy for all of the web apps, you'd need to manually export and import the policy between web apps. This would be a nuisance from a management perspective.

Another option would be to use a single HTTP class with ASM enabled and no filters. All traffic would match this class. You could then use an iRule to do the pool selection. You can do pool selection in the HTTP_CLASSS_SELECTED event.

Aaron

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)