ASM Policy - how is the trusted IP list treated
Guys how are trusted IPs on ASM policices treted RE automatic policy building.
Edited from the documentation :
"Trusted IPs - Specifies a list of IP addresses that the Policy Builder considers safe, ASM processes traffic from trusted clients differently than traffic from untrusted clients. Trusted clients ; rules are configured so that ASM requires less traffic (by default, only 1 user session) to update the security policy with entity or other changes.
It takes more traffic from untrusted clients to change the security policy (for example, if using the default values)".
Q Are we saying that the policy builder will not recommend suggestions i.e. violations from any traffic patterns from trusted IPs ; that it will consider all this traffic "good", meaning that the policy would be less likely to create false positives thus acting as a useful risk mitigation.