Forum Discussion

Cory_50405's avatar
Cory_50405
Icon for Noctilucent rankNoctilucent
Mar 04, 2014

ASM attack signature update failures

Anyone else experiencing issues downloading ASM attack signatures? Our Enterprise Managers have been unable to pull them down from F5 starting on 26 February.

 

7 Replies

    • Cory_50405's avatar
      Cory_50405
      Icon for Noctilucent rankNoctilucent
      Are you using Enterprise Managers or just pulling directly from ASM itself?
    • Cory_50405's avatar
      Cory_50405
      Icon for Noctilucent rankNoctilucent
      My ASM appliances are able to reach out and find updates, but neither EM can do so. Both fail with SSL errors. Sounds like it's time for a support case.
  • Anyone out there use Enterprise Manager? Curious to see if anyone else is having problems pulling attack signatures or if it's just our two appliances. I opened a support case last week but haven't been assigned an engineer yet.

     

  • For what it's worth, I just updated from the ASM and everything worked correctly (signature date 3/9/2014). I've always pulled updates directly from the ASM, and I've never had an issue. Just wanted to give you another data point for your consideration.

     

  • Just to follow up, this issue was finally resolved. Seemed that it had to do with recursion, but on the F5 side. Note from the support engineer:

     

    The issue was with how the callhome.f5.com performs this test for some LDNS requests getting to callhome.f5.com and then would make the next call back to us is where the issue would fail. This issue appeared to be happening on our end in callhome.f5.com.