ACL matches per rule Context(Enforced) on F5 ASM

Question

Hi All,
When I go to
F5 &gt;&gt; Security  ››  Reporting : Network : Enforced Rules
ACL matches per rule Context(Enforced).
It shows 
Virtual Server622,780
Global111,203&nbsp;
 AggregatedSelf IP1,336&nbsp;
  /Common/BRIDGE-VLAN-GROUP_self_ipSelf IP603 &nbsp;
/Common/App_x.x.x.x_VIPVirtual Server2 &nbsp;
OverallN/A733,645
   These are ACL matches per rule context.Please explain where is ACL and how this value depends on it.

jgranieri · Answer

Do you have AFM provisioned as well? it sounds like you do. if you see below the graph there should be a details section. keep clicking down further on the blue highlighted item to find the AFM ACL. you could either have AFM configured global context or on a per VS with rules

richard_karon · Answer

@jgranieri is on track here.    
&nbsp;
Looking at the path you mention, you can see I bolded Network with is an AFM indicator. 
F5 &gt;&gt; Security ›› Reporting : Network : Enforced Rules ACL matches per rule Context(Enforced).    
&nbsp;
Also the division of the context into the catagories you identified is also AFM terminology:
    Various contexts include 
    Context is processed in this order:    
&nbsp;

&gt; Global    
&gt; Route domain    
&gt; Virtual server/self IP    
&gt; Management port*    
&gt; Global reject*

Depending on version, you can find this information on askf5 Firewall Context info&nbsp;

Forum Discussion

ACL matches per rule Context(Enforced) on F5 ASM

2 Replies

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

Related Content

F5 Distributed Cloud Origin Server Subset Rules

LTM Cipher rule

F5 Distributed Cloud - Service Policy - Header Matching Logic & Processing

Logging all AFM Rules

AFM Protocol Inspection rules for CVE-2022-3602 (aka SpookySSL)