Overview: Live updates for policy signatures¶

New web application attacks and threats are constantly developed, and you should update WAF components on a regular basis to ensure that your applications are protected against newly attacks.

F5 regularly releases new updates for WAF components on its downloads site. The updates, known as Live Update files, include new, modified, and deprecated attack components.

From BIG-IP Next Central Manager, you can set automatic updates to upload and deploy the newest Live Update files. In addition, you can select older files that better meet your applications’ security needs.

For this version of BIG-IP Next, you can update the following attack components:

Attack Signatures: Rules or patterns that identify attack sequences or classes of attacks on a web application and its components. You can apply attack signatures to both requests and responses.
Bot Signatures: Class of signatures that identify legitimate or malicious web robots by looking for specific patterns in the headers of incoming HTTP requests.
Threat Campaigns: Identify attacks associated with a specific malicious actor, attack vector, technique, or intent. F5 discovers and investigates these attacks.

When you upload and install a live update file to on BIG-IP Next Central Manager, the updates are deployed to all BIG-IP Next instances.

For more information about installing and managing Live Updates:

How To: Install signature updates

Previous Next