Last Modified: Sep 27, 2024
Affected Product(s):
BIG-IP AFM
Known Affected Versions:
17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4
Opened: Jul 24, 2023 Severity: 3-Major
When trying to change the action value of signature/compliance in an IPS Profile from accept/reject/drop to Don't Inspect in UI, it is not changing. This happens when the IPS Profile is in different partition
Will not be able to change the action value from accept/reject/drop to Don't Inspect in UI when the IPS Profile is in different partition
1) Create a partition System > Users > Partitions List > Create > give profile_name > update 2) Move to the new partition created at the top right corner of UI 3) Create IPS Profile Security > Protocol Security > Inspection Profiles > Add > New > give Profile name > select the services > update action values of signatures and compliances to accept/reject/drop 4) Change the value from action accept/reject/drop to 'Don't Inspect' and commit the changes.
For signature below command can be used in CLI modify security protocol-inspection profile /<partition-name>/<profile-name> { services modify { /Common/<service-name> { signature delete { /Common/<signature-name> }}}} To update the action value of all signatures in a service to Don't Inspect modify security protocol-inspection profile /<partition-name>/<profile-name> { services modify { /Common/<service-name> { signature delete { all }}}} For compliance below command can be used in CLI modify security protocol-inspection profile /<partition-name>/<profile-name> { services modify { /Common/<service-name> { compliance delete { /Common/<complance-name> }}}} To update the action value of all compliances in a service to Don't Inspect modify security protocol-inspection profile /<partition-name>/<profile-name> { services modify { /Common/<service-name> { compliance delete { all }}}}
None