Forum Discussion

Re: Multiple ASM policy applied on Virtual Server

 

[Editor's note] Moved this thread from a duplicate question.

2 Replies

  • CA_Valli (MVP)

    Hello,

    Applying an ASM policy at the virtual server level means that traffic for both applications will be seen by the WAF:

    • Traffic learning will also show suggestions for b.test.ae in policy tuning
    • When policy is set to blocking state, traffic directed to b.test.ae will also be checked and will trigger protections, resulting in possible blocks.

    The iRule tool can manage ASM policy assignment.

    I remember from installations I've performed that you require an ASM policy to be applied at the virtual server level, regardless. You need to perform this task before modifying the iRule, or ASM instructions won't be accepted.

    In your scenario, to prevent application b.test.ae from being checked by the WAF, I'd just add an ASM::disable string instruction:

    when HTTP_REQUEST {
       switch [string tolower [HTTP::host]] {
          a.test.ae {
             pool a_test_Pool1
          }
          b.test.ae {
             # Skip ASM processing for this host only
             ASM::disable
             pool b_test_Pool1
          }
       }
    }

    Hope this helps

    CA

  • Nikoolayy1 (MVP)

    You can also use the current iRule with the ASM::enable command by following the article below:

     

    https://community.f5.com/t5/technical-forum/apply-asm-policy-through-irule/td-p/194373

    It is still better to use a local traffic policy that matches the HTTP hostname and assigns the specific ASM policy, as this is more optimal than iRules:

    https://techdocs.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-13-1-0/35.html

     

    You have opened the same question many times, please close the duplicate questions as it is not a good example.
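
The per-host policy assignment discussed in the replies above, as an added example that is not part of the original posts: an iRule that picks an ASM policy with ASM::enable in the same branch that picks the pool. The pool names come from the first reply; the ASM policy names are hypothetical placeholders, and an ASM policy is assumed to be attached to the virtual server already.

```tcl
# Added example, not from the original thread.
# Assumptions: the two ASM policy names are hypothetical placeholders, and an
# ASM policy is already assigned to the virtual server.
when HTTP_REQUEST {
    # Normalize the Host header: lowercase it and drop any ":port" suffix so
    # that "A.Test.AE:443" selects the same branch as "a.test.ae".
    set host [string tolower [getfield [HTTP::host] ":" 1]]

    switch -- $host {
        "a.test.ae" {
            ASM::enable /Common/asm_a_test_policy   ;# hypothetical policy name
            pool a_test_Pool1
        }
        "b.test.ae" {
            ASM::enable /Common/asm_b_test_policy   ;# hypothetical policy name
            pool b_test_Pool1
        }
        default {
            # Unknown or missing Host: no ASM command is issued here, so the
            # policy assigned at the virtual server level is left unchanged.
            log local0. "No host-specific ASM policy for Host '$host'"
        }
    }
}
```

Keeping the pool choice and the ASM policy choice in one branch means a given Host value can only select the policy that belongs to the pool it is routed to.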