Bug ID 907973: Imported virtual servers with application protection are displayed as unprotected

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IQ Web App Security (ASM)(all modules)

Known Affected Versions:
7.1.0

Fixed In:
7.1.0.1

Opened: May 10, 2020

Severity: 4-Minor

Symptoms

Protected virtual servers with a monitoring/blocking application protection policy do not display enforcement mode following import from BIG-IP.

Impact

The virtual server will display 'Not Protected' enforcement status.

Conditions

1. On BIG-IQ discover a BIG-IP device with a protected virtual server. 2. Check the virtual server's enforcement mode in the L7 security grid (Monitoring > DASHBOARDS > L7 Security).

Workaround

PATCH the VS (or update it via UI), wait a minute and it will get the protection mode. For batch mode, restart restjavad, which marks all vips as dirty and protection mode will be recalculated for all of them.

Fix Information

Protected virtual servers imported from a managed BIG-IP device now display the correct enforcement mode.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips