Firewall rules for F5 Security update

Question

I am implementing ASM in our environment. But when I check the security updates, last security update was on 2016!!!. We need to ask our network team to make relevant changes on firewall to allow F5 updates. Can anyone help me with the rules?

youssef1 · Answer

Hi,&nbsp;
Allowing signature updates through a firewall:&nbsp;
Host servers (Destination):&nbsp;
 port 443 port 443
And of course you have to resolve public host (DNS access).&nbsp;
You have all information you need in this KB:&nbsp;
https://support.f5.com/csp/article/K8217&nbsp;
You can also process your update trough an proxy, it's describe in the KB that i give you above.&nbsp;
Let me now if you need more details.&nbsp;
Additional information, The source IP address of the resulting traffic uses either a non-floating self IP address or the management IP address, depending on the matching route. If Internet access is not available for automatic updates, error messages similar to the following examples are reported in the Configuration utility and logged in the /var/log/asm.&nbsp;
Regards&nbsp;

Forum Discussion

Firewall rules for F5 Security update

1 Reply

Recent Discussions

F5 loadbalancer not working

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

import live updates from version x to version y

Related Content

Using ChatGPT for security and introduction of AI security

Integrating SSL Orchestrator with CheckPoint Firewall VM-Bridge Mode (L2)

BIG-IP Advanced Firewall Manager (AFM) DNS NXDOMAIN Query Attack Type Walkthrough - part two

icmp of management firewall

Integrating SSL Orchestrator with CheckPoint Firewall VM-Transparent Proxy