Forum Discussion

Ppp2016_241036

Nimbostratus

Feb 04, 2016

F5 ASM Testing Environment Setup with legitimate traffic (Please Advise)

The production F5 is going to install ASM module. I try to figure out what is the good way to setup the testing environment with legitimate traffic, to ensure the policies will not break the ap...

Employee

Feb 12, 2016

A clone pool would be a good idea, as it would send all of your production traffic to the secondary bigIP. Be aware that you can also configure the ASM in transparent mode and watch the production traffic itself. The ASM will flag all the traffic as if it was blocking, but won't actually block. The other things to keep an eye out for are Dataguard, and javascript injection. I have seen situations where a site's javascript won't play nice with the injections from the ASM, but it's rare. Pete is also correct in that you can simply configure a virtual server either on another IP or another port (may require some work with local traffic policies to keep to that port) and have a subset of users test the ASM that way.

Forum Discussion

F5 ASM Testing Environment Setup with legitimate traffic (Please Advise)

Recent Discussions

Hi All, We have viprion 4300 with 4450 blades with 6 blades all blades having same configuration

Can iRule be used to perform exception of IPI category based on Geolocation

BWC iRule

Citrix XenServer Big-IP Upgrade help

iRule condition - request contains more than 10000 parameters

Related Content

Create F5 BIG-IP Next Instance on Proxmox Virtual Environment

Multi-Stores Citrix environment BIG-IP APM

TESTING / ARTICLE SAVE - 002LEZ

iRules Development Environment

Separating False Positives from Legitimate Violations