Forum Discussion

Nimbostratus

Sep 25, 2019

WAF sync across DC

Have a pair of LTM + WAF device in X location in HA, also have a pair of LTM + WAF device configured in Y location configured in HA. as of now, i am manually exporting all the ASM(WAF) policies...

Nimbostratus

oh great, my worry was will the LTM configuration too gets synchronized as they are in different ip ranges.

its a production env in my case, cant perform testing.

DanS92

Cirrus

Sep 27, 2019

I'm in the exact same situation... If LTM gets synchronized my production environment will break. My understanding is that the "Incremental Sync" only syncs the portions that you specifically configure it to sync.

Like with ASM, you can go to Security > Options > Application Security > Synchronize to tell it to sync the ASM portion.

It looks like APM has a simlar feature under Access > Profiles/Policies > Policy Sync

My change got pushed back due to network issues in my environment, so I won't be able to do it for a few more weeks...

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

WAF sync across DC

Recent Discussions

ip x-forwarding

ports are showing open on online scanning tool

Upgrade F5 BIGIP

DNS HM Probe issue

Is XFF a must for ASM WAF DoS

Related Content

Minimizing Security Complexity: Managing Distributed WAF Policies

Introduction of IDS and WAF

ASM/WAF Management Automation - TMOS

Deploying F5 Distributed Cloud WAF on Kubernetes

F5 Hybrid Security Architectures (Part 1 - F5's Distributed Cloud WAF and BIG-IP Advanced WAF)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS