Array Signature Library (ASL) Update

Array Signature Library (ASL) Update

 

ASL contains the signatures of latest attacks, including predefined signatures of negative WAF and signatures of positive WAF.

Array Security Center (ASC) will regularly release ASL versions in the form of ASL images. If customers have purchased the subscription license of security update services, they can manually download or configure the system to automatically download ASL images to update the ASL version of the appliance. The ASL update is independent from the system update.

 

ASL Automatic Update:

After the ASL automatic update function is enabled, the appliance will check whether the ASC site has a new version of ASL image in the permitted automatic update period. After fetching a new version of ASL image, the appliance will determine the update mode based on the configured automatic update option:

·         If the automatic update option is “effect”, the appliance will immediately download and apply the new version of ASL image.

·         If the automatic update option is “notify”, the appliance will notify the administrator to manually apply the new version of ASL image

 

Configuration steps through webui:

1.      Login into ASF webui and expand “Application Defense” option.

2.      Click on option “WAF defense”.

3.      Click on option “Signature Library” under “Global” tab option.

4.      Click on ASL Update.

5.      In the “Automatic update” page, set Automatic Update option as “On - Notify (Notify admin of new ASL update if any)” or “On - Effect (Apply new ASL update if any)”, and configure Automatic Update URL, Automatic Update Period, and Automatic Update Proxy settings (optional), and then click Apply Changes.

 

Under “Basic settings” page, we can check the current ASL version, available ASL versions.

 

Configuration steps through CLI :

1.      Login into ASF with putty.

2.      Switch to enable and then config mode.

3.      Execute “waf asl update auto” command with below syntax.

Syntax:

#waf asl update auto on <update_option>

  update_option:  This parameter specifies the ASL auto-update option. Its value must be:

 notify: indicates that the system will download the latest ASL image and notify the administrator to apply the latest ASL image. Administrators can apply the latest ASL image by the “waf asl version apply” command.

effect: indicates that the system will immediately download and apply the latest ASL image.

Example Command:

#waf asl update auto on effect

4. Configure the ASC URL address of the new version of ASL image by executing the “waf asl update auto address” command.

Command:

#waf asl update auto address https://asc.arraynetworks.net/api/asf/security_center/component/asl

5. Configure the proxy for Internet connectivity by executing the “waf asl update auto proxy” command (Optional). This command needs to be configured only when the appliance needs to access the Internet through a proxy.

Command Syntax:

# waf asl update auto proxy <proxy_address> [username] [password]

Example Command:

# waf asl update auto proxy 192.168.70.15:443 array admin

6. Save the configuration with command “write memory”.

Note: If the specified automatic update option is “notified”, you need to apply the new version of ASL image downloaded by the ASL automatic update function by executing the “waf asl version apply” command.

 

ASL Manual Update:

To update the ASL manually, visit Array support portal(https://support.arraynetworks.net/) and download the latest version ASL under ASF section.

To obtain the latest version of ASL image, place the image on an FTP or HTTP/HTTPS server, and manually update the ASL from this URL.

 

Configuration steps through webui:

1.      Login into ASF webui and expand “Application Defense” option.

2.      Click on option “WAF defense”.

3.      Click on option “Signature Library” under “Global” tab option.

4.      Click on ASL Update.

5.      In the “Manual update” page, select “Local” and browser the file and click on Update.

 

 

Note: You can place the image on an FTP or HTTP/HTTPS server, and manually update the ASL from URL Option.

Configuration steps through CLI :

1.      Login into ASF with putty.

2.      Switch to enable and then config mode.

3.      Update ASL version manually with below command.

Command Syntax:

          # waf asl update manual <URL>

           URL: This parameter specifies the URL/HTTP address of the new ASL image

       Example Command:

          # waf asl update manual ftp://192.168.70.15/Array_Signature_Library_1.3.14_2021-11-05.array

4.      After successful ASL update, save the configuration with command “write memory”.

 

5.      You can check the ASL version with command “show waf asl version status”.