Forum Discussion
Mike_Maher
Jan 05, 2012Nimbostratus
One other side note, when doing the policy building we only run through 1 ASM so all the information can be built on one box and once we are at 99-100% then we move to prod across the 4 boxes. Of course this is two separate environments as I am not comfortable from a Security standpoint doing policy building in production. If you only have 1 environment and you have to do the policy building there, I would try and put one ASM out front for the two week automated policy building, but if you are relying on production traffic for that I would advise caution, as we see a lot of blocks when we get to prod that is either just junk traffic most of the time but I also see some poking at the application to see what they can get to. In my large customer facing applications we have a decent size ignore list of URLs that we don't even see in blocking any more because there was so many of the requests coming in.