Bug ID 937269: IP address exception configuration in Centralized Policy Builder

Last Modified: Oct 27, 2020

Bug Tracker

Affected Product:  See more info
BIG-IQ Web App Security (ASM)(all modules)

Known Affected Versions:
7.0.0, 7.0.0.1, 7.1.0

Fixed In:
7.1.0.1

Opened: Aug 17, 2020
Severity: 3-Major

Symptoms

The Centralized Policy Builder does not behave in accordance with the IP Exception (IP Address List in configuration). Whether an IP is set to be ignored (in learning suggestion) or trusted by the policy builder, it is treated like any IP address.

Impact

If the IP address was set to be 'Ignored In Learning Suggestion', it will not be ignored and would impact learning. If the IP address was set as 'Policy Builder Trusted IP', it will not be considered trusted by the Centralized Policy Builder.

Conditions

When you configure an IP address as ignored or trusted by the policy builder in IP Address List and traffic can be learned from is sent for the IP address.

Workaround

N/A

Fix Information

Centralized Policy Builder now ignores or trusts IP Addresses correctly according to the Centralized Policy Builder's configuration.

Behavior Change