ASM - confusion about Wildcard, Selective, All Entities
Regarding the "Explicit Entities Learning" in ASM 11.6, i am failing to understand "Selective" case.
I understood that:
- Wildcard, the policy will include only a *
- Selective, ???
- Full Entities, the policy will enforce all entities after all loosing/tightening period.
What about Selective? I am confused what it means and when it is used.... Can you please provide an example?
The manual encrypted definition is:
Never (wildcard only)Specifies that when false positives occur, the system suggests relaxing the settings of the wildcard. This option results in a security policy that is easy to manage, but is not as strict. If Policy Builder is running, it does not add explicit entities that match a wildcard to the security policy. The wildcard entity remains in the security policy. The Policy Builder changes the attributes of any matched wildcard. If not running, Policy Builder suggests changing the attributes of matched wildcard entities, but does not suggest you add explicit entities that match the wildcard entity.
SelectiveApplies only to * wildcard entity. When false positives occur, adds an explicit entity with relaxed settings. This option serves as a good balance between security, policy size, and ease of maintenance. If Policy Builder is running, it adds explicit entities that do not match the attributes of the * wildcard, and does not remove the * wildcard. If Policy Builder is not running, the system suggests adding explicit entities that match the * wildcard. (Option not applicable to Redirection Domains.)
Add All EntitiesCreates a comprehensive whitelist policy that includes all web site entities. This option results in a large, more granular configuration with stricter security. If Policy Builder is running, it adds explicit entities that match a wildcard to the security policy. When the security policy is stable, the * wildcard is removed. If Policy Builder is not running, the system suggests adding explicit entities that match the wildcard.