Bug ID 687986: High CPU consumption during signature generation, not limited number of signatures per virtual server

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP AFM, ASM(all modules)

Known Affected Versions:

Fixed In:

Opened: Oct 10, 2017

Severity: 3-Major


The number of the signatures per virtual server is not limited. This can result in a very large number of generated signatures during sophisticated attacks that use changing patterns. After a time, when a system experiences a number of attacks, the list of generated signatures can be too long.


High CPU utilization when mitigating. Overloaded GUI signatures screen.


-- Sophisticated attacks that use changing patterns. -- System experiences a large number of attacks.


Manually remove old / not-often-used signatures.

Fix Information

The system now limits the number of signatures per virtual servers, and optimizes per-signatures operation.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips