F5 releases attack signature updates for the BIG-IP ASM system approximately every six weeks. The attack signature updates include new attack signatures as well as enhancements to existing attack signatures.
Architectural changes in the BIG-IP ASM signature database now allow your system to receive a significantly higher number of supported attack signatures. Due to these changes, when you apply attack signature updates, older versions of the BIG-IP ASM system may not receive enhancements to existing attack signatures, and may not receive new attack signatures that are available to newer BIG-IP ASM versions.
The following table shows the BIG-IP ASM versions that do not contain the required changes that allow you to install the latest signature database.
|BIG-IP ASM branch||BIG-IP ASM versions that contain the required changes|
|11.5.x||11.5.4 – 11.5.4 HF1|
|11.4.x||11.4.1 – 11.4.1 HF9|
If you have a version of the BIG-IP ASM system that does not receive signature updates, you must either upgrade to a newer version, or obtain an engineering hotfix for your version of the BIG-IP ASM system. To obtain an engineering hotfix, contact F5 Technical Support.