F5 ASM – Compact Mode

I’ve already written about learning with Add All Entities, learning with Never (Wildcard Only) and learning with Selective in the F5 BIG-IP ASM – Positive Security Policy Building post two years ago. However, updates to Policy Builder in BIG-IP 13.0 include a new learning mode, which is the Compact mode. I would like to highlight how this new mode works which is between Never (wildcard only) mode and Selective mode for maintenance efforts and granular protection. Therefore, Compact mode is used to reduce policy complexity and simplify maintenance.

You can watch in the video I’ve recorded how Compact mode works. Firstly, I’ve created a fundamental security policy which I’ve modified manually the learning new parameters to Compact mode. In addition, I’ve added my IP address as a trusted IP address because this is the best way the score becomes 100% in the learning process. Secondly, I’ve configured the wildcard parameter with a maximum length of 10 bytes. This is a requirement to trigger security violations and it’s the best option for learning suggestions. In fact, we can watch, finally, a new parameter is learnt and there is no longer new learning suggestions for parameters.

Thanks, drop me a line with the first thing you are thinking!!