Forum Discussion

Mike_Maher's avatar
Mike_Maher
Icon for Nimbostratus rankNimbostratus
Jun 02, 2010

Questions for building Application policy

We have had ASM in our environment for a while now but have not really had a good handle on managing it. So as any of you who have worked with this product for a while can imagine, it is kind of a mess right now. I have taken over management of this technology just this past year, and I have multiple things on my list to clean up over the next 18 months. One of them is getting a good process in place for adding a new application, and I was wondering does anyone have any tips/processes that they use in their environment to try and streamline the process. Like perhaps a list of questions for the application owner, (Object types, cookies used, data classification, that sort of stuff). Do most of you use the automated policy builder when creating a new application policy or do you just review and accept traffic manually? Any thoughts that you have are appreciated. Thanks in advance.

 

 

Mike

 

APM
app sec
security

3 Replies

Sort By
  • Mike_Maher's avatar
    Mike_Maher
    Icon for Nimbostratus rankNimbostratus
    Jul 07, 2010
    We are currently running 9.4.6 but we are moving to 10.2 in the fall.

     

  • Ido_Breger_3805's avatar
    Ido_Breger_3805
    Historic F5 Account
    Jul 07, 2010
    The policy builder of 10.2 will make things much easier for you, you could turn it on and it will build policies automatically, it was refactored completely and we get very good feedback on it.

     

    With the current version you have, I would choose a rapid deployment policy and accept the learning suggestions manually.