Bug ID 871881: Apply Policy action is not synchronized after making bulk signature changes

Last Modified: Jul 30, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 16.0.0

Opened: Jan 22, 2020
Severity: 3-Major

Symptoms

After an action that affects thousands of objects a subsequent Apply Policy may be missed by a peer.

Impact

Peer devices that are still busy processing the large request miss the Apply Policy action, and it is never resent.

Conditions

1) Devices are in an autosync device group with ASM sync enabled 2) A bulk action that affects thousands of objects is performed (like enforcing or disabling all signatures) 3) The Apply Policy action is taken immediately afterwards

Workaround

Make a spurious change and reapply the policy.

Fix Information

None

Behavior Change