Forum Discussion

ghost-rider_124's avatar
ghost-rider_124
Icon for Nimbostratus rankNimbostratus
Feb 17, 2015

ASM Policy Automatic or Manual

Hello Experts

 

What is the good practice to enable ASM policy that is automatic or manual? My vendor told me that manual is more preferred than automatic so you know what you are doing? But my main problem for manual is for the application, I really not sure what block settings, I should enable?

 

Can any one help me for this?

 

2 Replies

  • I think the proper answer is "it depends":-) It depends on how good you know the application (inhouse dev apps or not, well known apps etc), how much human resources you have to take care of the policy and its changes (app changes). I have seen some customers enthousiastic to configure a fine-tuned policy but at the end they havent. Because of lack of resource and sometime because it's difficult to get good information about the app (and thus try mitigate the risk of false positives).

     

    If you are not sure...go for Rapid or automatic

     

  • If you know the app implementation well and are willing to have a fine-tuned policy (also over changes in app) you could go for manual. Automatic would also permit that, as you can define the policy granularity level (fundamental, enhanced, comprehensive). With automatic you'll need to have trusted users browsing you app in-depth.