Forum Discussion
Thomas_Gobet_91
Cirrostratus
Hi,
-
Attacks signatures should be updated as often as you can. You won't need to apply each version, it will depend on what you have to protect.
-
Again it depends on which security management you apply. To avoid some false positives, you have to change blocking signatures to staging mode. I usually do that, you'll avoid to be waked up at 3am for "nothing".
-
Yes you can do that. Each ASM policy is isolated from others. So on your QA policy, you can update a policy whereas on your prod one you don't apply the update.
dennypayne
Sep 24, 2014Employee
Actually I don't think 3 is possible on the same device. Attack signature updates are global and there doesn't appear to be any way to update them on a per policy basis (at least not as of 11.5.1).