Forum Discussion

Nimbostratus

Jan 21, 2016

Best practice on ASM policy deployment advices (automatic, manual)?

I have the in-house web applications that need to protect with ASM. I am testing out the policy deployment using automatic and manual (rapid deployment). My focus is on the web attacks. For both...

Employee

Jan 27, 2016

The automatic policy builder runs in the background and develops your policy based on the traffic it sees. So, for instance, if it sees a large number of requests for .jpgs it's likely to conclude that jpgs are okay files and add a rule to the whitelist allowing that. Manual deployment may start from the same place but after you deploy it's done. Any changes you need to make must be made manually.

If you have a lot of generally clean traffic, or are willing to go back and fix it's mistakes, Automatic Policy Builder is fine. If your traffic is less trustworthy or you want to have total control over what you are doing with your ASM, Manual is the better way to go.

In either case you should be in regular communication with the admin in charge of the web application to ensure that your policy matches the needs of the application, and you should ensure that you are regularly reviewing the policy changes, learning suggestions, and proxy logs.

Forum Discussion

Best practice on ASM policy deployment advices (automatic, manual)?

Recent Discussions

What is the meaning is 52% block in WAF

Rundeck ansible F5 errors

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

Where are F5's archived deployment guides?

F5 BIG-IP deployment with OpenShift - per-application 2-tier deployments

AS3 Best Practice

Adopting SRE practices with F5: Targeted Canary deployment

F5 Certified Practice Exams