Last Modified: Jul 12, 2023
BIG-IQ Web App Security (ASM)
Known Affected Versions:
Opened: May 10, 2020 Severity: 4-Minor
Protected virtual servers with a monitoring/blocking application protection policy do not display enforcement mode following import from BIG-IP.
The virtual server will display 'Not Protected' enforcement status.
1. On BIG-IQ discover a BIG-IP device with a protected virtual server. 2. Check the virtual server's enforcement mode in the L7 security grid (Monitoring > DASHBOARDS > L7 Security).
PATCH the VS (or update it via UI), wait a minute and it will get the protection mode. For batch mode, restart restjavad, which marks all vips as dirty and protection mode will be recalculated for all of them.
Protected virtual servers imported from a managed BIG-IP device now display the correct enforcement mode.