Forum Discussion
Jim_M_172559
Nimbostratus
NimbostratusHow "transparent" is transparent mode in ASM?
When setting up Application Security Manager, it's standard to set a security policy to "transparent" for a virtual server, watch what violations it catches, revise as needed and then change from tra...
shaggyNimbostratus
Nimbostratustransparent mode essentially means that no requests are blocked altogether (dropped or generate a blocking response) by the policy, not that ASM does not interact with traffic. that being said, i also dislike that an rdp policy in transparent mode has data guard masking enabled, but by definition, it's not blocking entire requests.
from my experience cookie insertion, data-guard, and any feature that injects javascript (csrf protection, DDoS client side integrity defense, web-scraping protection) will interact with traffic when in transparent mode
Chris_GrantEmployee
Transparent mode can result in Javascript injection, even though it won't block based on the response. It will also result in TS cookies being added, and as you have already noted it turns data guard on. The only other caveats I can think of involve non RFC compliant traffic. ASM's parser is stricter than LTMs, and if you're sending traffic through that isn't either explicitly supported, or compliant HTTP we will fail to pass that on. It isn't blocking, per se, but has the same net effect (loss of functionality).