For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

climb74_220480's avatar
climb74_220480
Icon for Nimbostratus rankNimbostratus
Sep 03, 2015

Is there a way to automagically populate fields in a security policy from an uploaded xml schema?

Is there a way to generate a baseline policy from an xml schema? I would figure that all the necessary items for a baseline policy should be able to be gathered from an uploaded schema... They could...
ASM Advanced WAF
deployment
design
management
security
samstep's avatar
samstep
Icon for Cirrocumulus rankCirrocumulus
Sep 04, 2015

Yes, ASM is capable of this functionality using Policy Export/Import function if you choose XML Export/Import.

 

AskF5 Knowledgebase solution SOL12619 has the schema information.

 

https://support.f5.com/kb/en-us/solutions/public/12000/600/sol12619.html

 

In addition to this ASM is capable of importing vulnerability scanner reports XML files and create security policy automatically mitigating the vulnerabilities.

 

ASM support XML reports produced by WhiteHat, Cenzic (now TrustWave), HP WebInspect and IBM AppScan. Additionally there is a "Generic Scanner" schema you can use - described in ASM manual here:

 

https://support.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-getting-started-11-5-0/4.htm

 

Hope this helps,

 

Sam