Forum Discussion

Cirrus

Jun 13, 2017

ASM Learning Peroid Reset

Hello , we have here a ASM for an application which is still in the developing phase. Learning mode is still working on it since 10 days ago and till now it didnt finished. My question...

ASM Advanced WAF

security

Martijn_144688

Cirrostratus

Hi,

Do you mean Enforcement Readiness Period or Learning Mode?

The Enforcement Readiness Period is reset every time the configuration is changed or a violation is triggered for a staged item.

If you change a component on the web application, ASM is not aware of this until you change your ASM policy accordingly. And by changing the ASM policy, the Enforcement Readiness Period is reset.

Martijn.

Martijn_144688

Cirrostratus

Jun 13, 2017

In Learning Mode ASM adapts the security policy so we can prevent false positives. This is called Policy Building. Learning Suggestions are created which you can Accept, Delete or Ignore.

If we talk about Enforcement Readiness Period we talk about staging. For example Signature Staging. If you have Signatures configured in your ASM policy and your ERP is 7 days, Signatures which did not trigger a violation within those 7 days are set to Ready to Enforce. You can choose to enable those signatures.

I would advise you to follow the instructor led ASM training.

Forum Discussion

ASM Learning Peroid Reset

Recent Discussions

Rundeck ansible F5 errors

What is the meaning is 52% block in WAF

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

Community Learning Path: Multi-Cloud Networking

Cisco ACI Endpoint Learning with a BIG-IP HA Failover

Community Learning Path: Web Application and API Protection (WAAP)

BIGIP resets connecion

How To learn F5 for beginner