Forum Discussion

InfoSec_38553's avatar
Icon for Nimbostratus rankNimbostratus
Jan 16, 2011

What I should use HTTP or HTTPS in policies?




I just start working with ASM and there is some details confusing me I hope you help me with that.



In Application-Ready Security Policies there is two type of template HTTP and HTTPS.



What is the different between these policies?



If I was using https and decrypt the data in LTM then sent to ASM decrypted in this case, what I should use





Thank you in advance.


3 Replies

  • As Ido says, you'll want to set the protocol to what the virtual server is using on the client side.



  • Thank you all,




    I just need more details.



    I decided to build the policy in manual (from scratch) and my web site using HTTP and HTTPS together.



    Do I need the protocol only when I set the URLs in my policy or I should have two versions one for HTTP and the other for HTTPS?



    I think one version is Enough, but to make sure.