Forum Discussion

swo0sh_gt_13163's avatar
swo0sh_gt_13163
Icon for Altostratus rankAltostratus
Sep 24, 2013

Auto learning backed server by ASM?

Hello folks,

 

I have got a requirement from the customer, and they have hosted an internal web server. The issue is, as and when they apply any changes to the web server, for eg. adding a new page, or modifying the existing page etc. ASM throws alert messages and doesn't allow to communicate further.

 

Earlier I'd added parameter based exception, however it is becoming a challenge of daily life, as they are keep updating random pages to the web server.

 

I can absolutely understand the ASM behavior, as it didn't learn the newly added resources, it will deny any communication to that resource. And that is how the behavior should be.

 

However is there anyway where we can make this learning automatic or put it under staging (not the whole server, specific URI from where they are updating)?

 

Thanks for your time, Cheers! Darshan

 

ASM Advanced WAF
auto-learn
security

3 Replies

Sort By
  • boneyard's avatar
    boneyard
    Icon for MVP rankMVP
    Sep 25, 2013

    if you look at the ASM automatic policy builder cycle it allows for a constant changing of the backend server. if you want to get that route you can just enable the automatic policy builder (again) and perhaps setup the server admins as a trusted IP so if they go to the new sites the get added faster.

     

  • swo0sh_gt_13163's avatar
    swo0sh_gt_13163
    Icon for Altostratus rankAltostratus
    Sep 25, 2013

    Hi Boneyard,

     

    Could you please guide me how to configure Automatic Policy Builder?

     

    Cheers! Darshan

     

  • boneyard's avatar
    boneyard
    Icon for MVP rankMVP
    Sep 25, 2013

    v10: http://support.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm_config_guide_10_1/asm_policy_builder.html

     

    v11: http://support.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-config-11-3-0/asm_policy_builder.html

     

    i would certainly try this first in a test setup before putting in production.