Bug ID 989529: AFM IPS engine takes action on unspecified services

Last Modified: Jul 23, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 16.0.0, 16.0.0.1, 16.0.1, 16.0.1.1, 16.0.1.2, 16.1.0

Opened: Feb 01, 2021
Severity: 3-Major

Symptoms

Specific ports configured in the IPS profile are not taken into account during the matching action exercised by the IPS subsystem. As a result, all ports are matched.

Impact

Increased resource usage and excessive logging.

Conditions

Service ports specified under Security :: Protocol Security : Inspection Profiles :: service type (e.g., HTTP).

Workaround

None.

Fix Information

None

Behavior Change