Traffic interruption by ASM policy exchange?

Question

Hello,&nbsp;
I need to exchange some existing ASM policies. Some are modifiable via the security options section of the virtual server, some need to be changed by creating a draft of an L7 policy (auto asm policy) and publishing it (security options section shows "Manual Configuration").&nbsp;
Does any of these two methods interrupt traffic?&nbsp;
Thanks in advance,
Kind regards&nbsp;

youssef1 · Answer

Hi,&nbsp;
F5 ASM don't interrupt traffic therefore you need to be careful about type of policy. Because some kind of policy are in blocking mode. And can impact production by blocking legitimate traffic...&nbsp;
let me now if you need details.&nbsp;

erik_novak · Answer

With regard to transparent policies, there can be an impact on traffic if you are using threat mitigations which mask characters (Data Guard), or inject JavaScript into an HTTP response including brute force protection, bot defense, web scraping, persistent device tracking, and L7 DoS protection. There will be activity associated with these defenses even if the policy is transparent mode--remember that a DoS profile for example, works with or without an ASM policy.&nbsp;

Forum Discussion

Traffic interruption by ASM policy exchange?

2 Replies

AppWorld Berlin iRules Contest!

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

Recent Discussions

Changes to DO and AS3 GitHub - no longer monitored

How to Verify config before loading to F5

Logical Disk Full to Migrate rSeries

HSL - Local TimeZone - in syslog server

VIP control across data centers - how to ensure only 1 VIP is up at a time?

Related Content

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

BIG-IQ statistics in dashboard missing/interrupted

Exchange 2016

Equinix and F5 Distributed Cloud Services: Business Partner Application Exchanges

F5 Distributed Cloud - Traffic Steering based on Client IP Address

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS