Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

In an active/standby setup of ASM, with sync only device group, do signature updates sync up?

Go to solution
Wasfi_Bounni
Cirrocumulus
Cirrocumulus

‎24-Sep-2023 19:04

Hi;

In an active/standby setup of ASM or AWAF, let's say we added the sync-only device group to synchronise any automatic policy changes. Would updating the attack signatures on the active device propagate that to the stand-by one or do I need to do the signature update on the stand-by device separately?

Kindly

Wasfi

Labels:
0 Kudos
2 ACCEPTED SOLUTIONS

Go to solution
quangtran
Cirrus
Cirrus

‎24-Sep-2023 20:11

Hi @Wasfi_Bounni 

Configuring signature updates between two devices is independent, so I believe updating should be done manually on the standby device.

View solution in original post

Go to solution
ragunath154
Cirrostratus
Cirrostratus

‎25-Sep-2023 22:18

When you set up ASM™ synchronization, in addition to security policies, other settings such as custom attack signatures, logging profiles, SMTP configuration, anti-virus protection, system variables, and policy templates, are synchronized with all devices in the ASM-enabled device group.

If Attack Signatures Update Mode is scheduled for automatic update, the attack signature update settings are synchronized(not signatures). Each device in the device group updates itself independently according to the configured schedule. If you manually upload attack signatures or click Upload Signatures to update from the server, the update is propagated to all of the devices in the device group.

View solution in original post

0 Kudos
6 REPLIES 6

Go to solution
quangtran
Cirrus
Cirrus

‎24-Sep-2023 20:11

Hi @Wasfi_Bounni 

Configuring signature updates between two devices is independent, so I believe updating should be done manually on the standby device.

Go to solution
Wasfi_Bounni
Cirrocumulus
Cirrocumulus
In response to quangtran

‎24-Sep-2023 20:22

Thank you Quangtran.

0 Kudos

Go to solution
Aswin_mk
Nimbostratus
Nimbostratus

‎25-Sep-2023 00:47

Hello ,

 

Signature updates is independent and need to do in each devices. please use this link for more idea about signature update : https://wtit.com/f5-resources/f5-big-ip-asm-attack-signatures/updating-big-ip-asm-attack-signatures/.

0 Kudos

Go to solution
ragunath154
Cirrostratus
Cirrostratus

‎25-Sep-2023 22:18

When you set up ASM™ synchronization, in addition to security policies, other settings such as custom attack signatures, logging profiles, SMTP configuration, anti-virus protection, system variables, and policy templates, are synchronized with all devices in the ASM-enabled device group.

If Attack Signatures Update Mode is scheduled for automatic update, the attack signature update settings are synchronized(not signatures). Each device in the device group updates itself independently according to the configured schedule. If you manually upload attack signatures or click Upload Signatures to update from the server, the update is propagated to all of the devices in the device group.

0 Kudos

Go to solution
Wasfi_Bounni
Cirrocumulus
Cirrocumulus
In response to ragunath154

‎25-Sep-2023 22:47

Thank you Ragunath.

0 Kudos

Go to solution
T-Trust
MVP
MVP

‎03-Oct-2023 21:29

Hi 

You have to update attack signature independent on activa and standby device, I hope this step below will help you,

1. Upgrade version standby device (Unit2) and check attack signature up-to date or not? if not please update attack signature on standby device

2. Force standby device (Unit2) to active, then test service and monitor system

3. Upgrade version standby device (Unit1) and check attack signature up-to date or not? if not please update attack signature on standby device

4. Force standby device (Unit1) to active, then test service and monitor system

0 Kudos
Copyright © 2023 Khoros, LLC