F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

draco_184361's avatar
draco_184361
Icon for Nimbostratus rankNimbostratus
Jan 09, 2018

The policy builder has only reached 39 % even after 7 days of staging.

Is it wise to change the tighten policy properties and loosen policy values ie the amount of source ip it should wait etc for inorder to fasten the process . The management is telling to fasten up th...
application delivery
ASM Advanced WAF
BIG-IP
security
Erik_Novak's avatar
Erik_Novak
Icon for Employee rankEmployee
Jan 09, 2018

The fastest way to reach 100 percent is to configure a trusted IP address (ideally a machine you control and from which you send only safe, non-violation-generating traffic.) This will allow ASM to build the policy quickly and accurately. We realize that method is not always easy to implement, so the alternative is to keep attack signatures, parameters, file types, and any other entities in staging (the default when using automatic policy building) until you are satisfied that triggered violations are not false positives. To prevent blocking legitimate clients, you can enforce items gradually. Make sense?