Forum Discussion

Albert_59847's avatar
Albert_59847
Icon for Nimbostratus rankNimbostratus
Dec 08, 2015

real traffic policy builder disabled

Hi Guys,

 

I am bit a confuse about real traffic policy builder (ASM). I have policy and applied in one of my virtual server and under security-->application security-->Policy Building-->Status shows "Disabled".

 

The policy is working fine but don't know why it shows disable. I think we should use the automatic configuration because what we did was manual.

 

Could someone explain this clearly as I am confuse about this.

 

Regards,

 

application delivery
ASM Advanced WAF
waf

2 Replies

Sort By
  • nathe's avatar
    nathe
    Icon for Cirrocumulus rankCirrocumulus
    Dec 08, 2015

    Albert,

     

    You can build a policy in a number of ways, principally using a Manual method (of some description) or, alternatively, using ASM's automatic policy builder.

     

    What you're seeing here is that your policy has been built manually and the policy builder is not currently running. That doesn't mean that you can't further build/update your policy based on things like Staging/Enforcement Readiness period and Learning.

     

    If you enable Policy Builder it will begin to tune your policy automatically, based on configured metrics, forever or until you're happy there is a complete policy.

     

    If your policy does require further tuning then the Policy Builder will take away a lot of the manual processes required by yourself to update the policy, again probably based on the Learning entries. However, you do lose a bit of visibility of what it, the Policy Builder, is doing in the background.

     

    Hope this helps,

     

    N

     

  • Albert_59847's avatar
    Albert_59847
    Icon for Nimbostratus rankNimbostratus
    Dec 09, 2015

    Hi Nathan,

     

    Thanks for the reply, yes you are right as I observed yesterday that when my policy builder enabled it starts to tune my policy and I a waiting until 7 days.

     

    Regards,