suthomas1
Sep 06, 2020 | Cirrostratus
ASM policy blocking
Good day all, I have read that a new ASM policy is in learning mode for 7 days. After this period, is there manual action needed to put it in blocking mode after 7 days?
The reason is that you must know if your application uses secure HTTP (that's what the "s" means in HTTPS) or unsecured HTTP for data transmission. Most applications today use HTTPS. Security is provided to data in transit by encrypting the payload using TLS (SSL). ASM cannot apply security processing to encrypted data. This data must be unencrypted first. To do that, you need to allow BIG-IP to handle the unencryption before it reaches the security policy. Here is a good explanation about the server vs. client SSL profiles which will facilitate this:
https://support.f5.com/csp/article/K72355246