suthomas1
Sep 06, 2020Cirrostratus
Asm policy blocking
Good day all, i have read that new ASM Policy is in learning mode for 7 days. After this period, is there manual action needed to put it in blocking mode after 7 days?
Again, just adding to what Erik stated.
You need an http profile (https://support.f5.com/csp/article/K40243113) to allow deep packet inspection, which is required for ASM processing (https://techdocs.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-12-1-0/34.html >> control + find "http profile"). Any http/80 virtual server should redirect to 443 (hopefully the site is configured for https), and the ASM policy can be applied to both virtual servers (but it shouldn't matter over https if there's a redirect irule/traffic policy).