One ASM Security Policy for Multiple web applications

Question

Hello,&nbsp;I got a call for a customer to verify the ASM Polices for the published applications, I found that he has 7 applications shares one policy.this policy is in blocking mode and applications are working fine.&nbsp; I have two options for this case:&nbsp;1- make a new policy for each application.2- ask him to do vulnerability assesmen/pen test and close the vulnerabilites on the same policy.&nbsp;what is the best practice in this case, I need your advice.&nbsp;Thanks

kevin_davies · Answer

Option 2 first. If the vulnerabilities cannot be resolved using the existing policy then explore option 1. Even then, clone the existing policy and adjust as needed only for applications that require it. Each new policy adds the same overhead as the original in terms of ongoing management. Given the client and their needs its really a judgement call on your behalf but that is where I would start.

mo9823 · Answer

Thanks for your reply, I agree with you

Forum Discussion

One ASM Security Policy for Multiple web applications

Recent Discussions

How to implement LTM forward proxy client to determine the diversion pool based on the domain name

irule to enable http/2 acceleration

VS FORWARDING & ROUTE

Statistics ›› Analytics : HTTP : Overview

SNI Sites not taking correct certificate.

Related Content

Securing Applications using mTLS Supported by F5 Distributed Cloud

Adaptive Apps: Replicate & deploy WAF application security policies across F5's security portfolio

From ASM to Advanced WAF: Advancing your Application Security

Positive Security vs. Negative Security: A Comparison Using F5's Security Portfolio

Using Distributed Application Security Policies in Secure Multicloud Networking Customer Edge Sites

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS