Forum Discussion

Wasfi_Bounni's avatar
Icon for Cirrocumulus rankCirrocumulus
Sep 24, 2023

Is the update and application of new AWAF attack signatures "Service Affecting"?

Hi; Is the update and application of new AWAF or ASM attack signatures "Service Affecting"? Also does applying the new attack signatures entail a reboot of the device? Kindly Wasfi
  • Hi Wasfi_Bounni , 
    Yes , it may impcat you. 

    and not it depends : 

    1. you want to enforce signtaures immediately. ( may impact you and produce false positives ) 
    2. you can keep these signature under learning for a while ( Readness period "default 7 days" ) 

    Open ( Security >> Application security >> Learning and blocking settinngs >>> Attack signatures ) 

    - If you want to enforce it directley : 
    open this : 


    Make sure ( you're selecting enforce updated rule immediately ...... ). 
    >>> by doing this all newly updated signature will be enforced directly. 

    - If you want to keep updated signature for a while and in learning and after checking your learning suggestion to take your decision : 

    modify your configuration like this : 

    >>> performing this shoud put your newly signatures in statging waiting the ( Readness period to be fininshed ) to be ready to be enforced and you will work on parallel on learning suggestions ( Accept / delete suggestions ) based on your analysis in suggestions collected from requests samples. 

    I hope this helps you 🙂