The Rapid Deployment security policy provides security features that minimize the number of false positive alarms and reduce the complexity and length of the deployment period. By default, the Rapid Deployment security policy includes the following security checks:
With the Rapid Deployment security policy, your organization can quickly create a security policy that meets the majority of web application security requirements.
Before you can create a security policy using ASM™, you need to complete the basic BIG-IP® system configuration tasks including creating a VLAN, a self IP address, and other tasks, according to the needs of your networking environment.
After you create a security policy, the system provides learning suggestions concerning additions to the security policy based on the traffic that is accessing the application. For example, you can have users or testers browse the web application. By analyzing the traffic to and from the application, Application Security Manager™ generates learning suggestions or ways to fine-tune the security policy to better suit the traffic and secure the application.
|Accept||Select a learning suggestion, click Accept, and then click Apply Policy. The system updates the security policy to allow the file type, URL, parameter, or other element.|
|Clear||Select a learning suggestion, and click Clear. The system removes the learning suggestion and continues to generate suggestions for that violation.|
|Cancel||Click Cancel to return to the Manual Traffic Learning screen.|
|Learn||If selected, the system generates learning suggestions for requests that trigger the violation.|
|Alarm||If selected, the system records requests that trigger the violation in the Charts screen, the system log (/var/log/asm), and possibly in local or remote logs (depending on the settings of the logging profile).|
|Block||If selected (and the enforcement mode is set to Blocking), the system blocks requests that trigger the violation.|