Bug ID 691462: Bad actors detection might not work when signature mitigation blocks bad traffic

Last Modified: May 14, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1

Fixed In:
14.0.0, 13.1.0.2

Opened: Oct 30, 2017
Severity: 3-Major

Symptoms

When signature detected and mitigating no bad actors detection

Impact

No bad actors detected. Only signatures provides DoS protection. BIG-IP CPU utilization is higher than necessary

Conditions

1. Signatures detected and mitigating 2. Attack traffic is not significantly higher than the good traffic

Workaround

No workaround at this time.

Fix Information

The fix takes in account also SIGNATURES DROPS to decide when bad actors detection should be more agressive.

Behavior Change