ASM Global and URL Parameters

Just do not change the parameter level setting while Policy is not yet out of Learning. If you do not want to start the Learning process from a scratch, you'll have to wait for the Policy Builder (current Learning process) to finish. Only when the Policy is out of Learning, you can proceed by deleting all the learned Parameters, and manually redefining them yourself with the new parameter level setting.

As a side note, you do not really have to go as deep as learning all the parameters. My best advice is to not perform wildcards tightening on Parameters initially, and if you later encounter any specific requirements in regards to parameters, you can add a few exceptions. It's better to have a policy with 5 custom Parameters, and one Wildcard parameter instead of a Policy with 500 Parameters and no Wildcard parameter. Despite added complexity, the second option does not add any significant benefit to security but it will certainly add management overhead.

When you say learning mode, are you talking about the traffic policy builder? I tried both ways and didn't get any new URL level parameters...I turned off policy builder to see if manual learning would pick any new parameters at a URL level and nothing new came through.

When you say learning mode, are you talking about the traffic policy builder? I tried both ways and didn't get any new URL level parameters...I turned off policy builder to see if manual learning would pick any new parameters at a URL level and nothing new came through.

I tweaked around the policy and was able to get the level of detail that I am looking for, but was curious as to why you said in your initial answer that there is now additional security benefits by having more parameters and no wildcard. I can understand the overhead issue, but with having more granular details will allow for granular security controls.