Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP ASM
Fixed In:
14.1.0, 13.1.0.8
Opened: May 06, 2018 Severity: 3-Major
The measured number of pending requests is two times higher than actual.
Server stress mechanism is more sensitive than planned. A temporary traffic spike can cause unnecessary DoS mitigation start. Note: The admd process provides stress-based DoS detection and mitigation control. When admd is not running, there is no stress-based anomaly detection or behavioral statistics aggregation.
Virtual server configured with a Behavioral DoS profile.
Modify the adm.health.sensitivity value. For example, to change health sensitivity from 50 to 500, run the following command: tmsh modify sys db adm.health.sensitivity value 500
Fixed initial adm flow sampling, so that the measured number of pending requests now equals actual.