
Charles_Emory_1
Apr 13, 2018

Usage of ASM Parent and Child Policies

We're starting to expand our usage of ASM and I'm trying to figure out how to architect our policies effectively. We've updated to BigIP 13 and are able to use parent/child policies, and I'm curious how others may be using them.

 

I spoke with support briefly and they mentioned that you should only have automatic learning enabled for each aspect (URL filtering, parameter, etc.) in either the parent or the child, not both. In actual enterprise usage, I'm curious: what are people actually doing at a parent policy level for ease of management?

 

At least in our environment I'm struggling to think of much I would be able to add at that level other than extremely basic things like what HTTP response codes are valid.

 

1 Reply

  • There are three main use cases for deploying a Parent policy:

     

    1. To impose mandatory policy elements on all application security policies of the enterprise or on a subset of policies. For example, specific attack signatures protecting known vulnerabilities will be imposed on all public-facing applications. The policies with mandated configuration elements are defined by security administrators in the enterprise.

       

    2. To create and maintain policies that have common elements and settings. For example, the enterprise requires the same blocking response page for all policies and also requires common geolocation enforcement settings across all policies.

       

    3. To push change(s) to multiple policies. For example, information leakage or HTTP RFC compliance security requirements have changed and there are 50 policies that are affected.