Forum Discussion
samstep
Jul 30, 2017Cirrocumulus
Actually I believe the best practice is to never switch the policy to transparent mode in Production. The second you do that - you disable your protection and leave the application exposed to attacks.
What you do is let the policy learn all the application changes in TEST environment - test it with your QA team and verify the changes with application developers to make sure the policy does not block good traffic, then export the policy out of test environment's ASM and import it into the Production ASM.