Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IQ Web App Security (ASM)
Opened: Feb 09, 2021 Severity: 3-Major
When running an evaluate and deploy for 10 devices, the system might stop responding causing the UI becomes non-functional. This is caused by too many objects loaded onto memory during the evaluation process.
This might cause failure during verify-config stage of the evaluation. The overall impact affects large and full (not partial) deployments.
Running an evaluate and deploy process for 10 devices. Each has - 60 large ASM policies - 250 virtual-servers - 32GB RAM management console node.
1. Conduct a partial deploy of the objects (ASM policies) you want to deploy to as many devices you wish, so long as the object count is less than 200. 2. Do a full deployment to maximum of 5 devices with similar configurations. 3. Using REST API, there's an option to skip the verify-config stage when starting an evaluation task. This will work if skipVerifyConfig:true is sent in the task body. This option is less recommended at the verify-config stage, but is important to verify features are deployable on the target devices.
None