Applies To:
Show Versions
BIG-IP ASM
- 15.0.1, 15.0.0, 14.1.2, 14.1.0
Updating Attack and Bot Signatures
Overview: Updating the signature pools
The system includes an attack signature pool and a bot signature pool. These pools include the system-supplied attack signatures and bot signatures, which are shipped with the Application Security Manager, and any user-defined signatures. You can update both pools using the Live Update feature.
F5 develops new signatures to recognize the latest attacks and bots, and you can schedule periodic security updates to the signature pools, or perform manual updates. You can also have the system send you an email when a security update is available.
Updating signatures
For additional information regarding licensing requirements, allowing signature file updates through a firewall, and configuring signature file updates through an HTTPS proxy, refer to Solution 8217 in the AskF5 knowledge base (https://support.f5.com/).
| Update | Description |
|---|---|
| Disabled | You must check for and manually select and install any available updates. |
| Real Time | Updates are installed as they become available. |
| Scheduled | You can specify the times of day and week to install available updates. |
After the update, the system places newly added and updated signatures in staging if they are specified in one or more security policies (for security policies with the staging feature enabled).
ASM records details about each signature update file, including added, modified and deleted entities, and displays this information on the Installation Details window. Select a file to view these details. On AskF5 you can review the Readme file that pertains to the update. AskF5 also contains an article, Managing BIG-IP ASM Live Updates (14.1.x) with more details.
