BigIP F5 10.2 versiyondan 11.2 versiyonu güncelleme yaparken belirli konulara dikkat etmemiz gerekiyor. Bunlardan bir taneside güncellemeden sonra karşınıza çıkacak olan Modified ASM cookie’dir. Güncelleme sonrasında belirli kullanıcıları Modified ASM Cookie uyarı ile bloklamaya başlıyor. Bunun için F5 sitesinde güncellemeden 15 gün sonraya kadar Modified ASM Cookie violation’u kapalı tutmanızı öneriyor. Kapatmadığınız takdirde bazı requestlerin bloklandığını görücekseniz..
F5 sitesinde konuyla ilgili açıklamadada bulunmuş..
Upgrading from earlier versions
You may install Application Security Manager (ASM) version 11.2.0 onto existing systems running version 9.4.3 or later.
Important: The Application Security Manager supports .ucs files from versions 9.4.3 and later of the Application Security Manager. Additionally, you may import policies exported from versions 9.4.3 and later of the Application Security Manager.
Important: The system creates its internal cookie in versions 10.2.4 and later (including all versions of 11.x) differently than in versions prior to 10.2.4. As a result, while upgrading your system from a version prior to 10.2.4 to version 10.2.4 or later, the system will produce the Modified ASM Cookie violation for existing browser sessions. If the security policy has the Modified ASM Cookie violation enabled and set to block traffic when this violation occurs, after upgrading to version 10.2.4 or later, the system will block traffic to the web application. However, since the TS cookie is a session cookie, the system will block traffic only until the browser session ends (the end-user restarts the browser). To prevent the security policy from blocking traffic until the end-user’s browser is restarted, before upgrading to version 10.2.4 or later, we recommend you disable the security policy from blocking the Modified ASM Cookieviolation, upgrade, and wait long enough to allow all users to restart their browsers (two weeks are expected to be enough). After enabling the violation, we recommend you monitor the logs. If the Modified ASM Cookie violation appears, consider disabling the violation again for a longer period of time, or communicate to the users to restart their browsers.