Classification signatures are added as rules in the local traffic policy. The classification
signatures can be used for many standard categories and applications. In addition, you can create
custom categories and applications. The BIG-IP® system automatically creates
a local traffic policy that is attached to a virtual server. However, when you use Policy Enforcement Manager™ (PEM™), you can create a policy
attached to a virtual server and then the BIG-IP system creates a local traffic policy. You can
add an HTTP profile and classification profile in the virtual server. The local traffic policy
forms a logical link between the local traffic components and the policy.
When you create a listener, a local traffic policy is attached to the listener HTTP virtual
server. If you want to create custom application signatures for certain types of traffic, you can
use the local traffic policy to do that, and define the policies that allow you to classify
traffic. Some policies can behave like application signatures. An application
signature is a signature that is assigned to an application (for example, HTTP
traffic).
Local traffic policies can include multiple rules. Each rule defines the signature and consists
of a condition and the actions to be performed if the condition holds. Multiple signatures can be
assigned to one policy, so you can create a local traffic policy that works with PEM and includes
multiple rules that do different things depending on the conditions you set up. In this type of
traffic policy, each rule must include one of these PEM actions:
- Enable PEM.
- Attach an application or category ID that you created.
Note: The BIG-IP system does not allow you to attach two classification local traffic
policies to the same virtual server.
Task Summary
Modifying custom local traffic policy rules for PEM
Before you modify rules on existing policies, you must set up an application or
category (.
You can add rules to define conditions and run specific actions for different types
of application traffic in Policy Enforcement Manager™ (PEM™). For example, if you create an application signature for
company A and want to send traffic from company A's website, you can perform actions
from PEM, such as bandwidth control and disabling Gate status. This
is a rule that can be assigned to an existing policy.
- On the Main tab, click .
  For more information about local traffic policies, refer to BIG-IP®
  Local Traffic Manager™: Implementations.
  The Policy List screen opens.
- Click _sys_CEC_video_policy.
  Important: _sys_CEC_video_policy is the default local traffic
  policy that is important for classification; F5® recommends that you keep the policy.
  The Policy List screen opens.
- Click Add.
  The New Rule screen opens.
- In the Rule Name field, type a unique name for the policy, for example companyA.
- In the Rule properties area, define the application traffic to which this rule
  applies. Specify these values and use default values for the remainder.
  - From the Operand list, select http-host.
  - From the Event list, select request.
  - From the Selector list, select all.
  - From the Condition list, select ends-with.
  - Type the value; for example, companyA.com.
  - Click Add.
- In the Actions setting, define the action to apply to the traffic. Specify
  these values and use the default values for the remainder:
  - From the Target list, select pem.
    Note: You can specify the application you created; in this
    example, it is companyA.
    Event is set to request and Action is set to classify. For Parameters, select
    application and specify the application /common/companyA; click Add.
  - In the Actions area, click Add.
- Click Finished to add the rule to the local traffic policy.
- Verify that the rule is added to the policy () and scroll down to view the list of rules.
  You should be able to view the rule you just created.
Now you have added a new rule to the existing policy. When you send traffic that
matches the rule you defined, you should be able to see the application or category you
have configured. You can view the classified traffic, as well ().
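
The host condition from the procedure above, modelled as an added example (not F5 code and not part of the original page), to check which Host header values a suffix rule would classify before enforcement actions depend on it. It assumes that ends-with is a plain string suffix comparison, that matching is case-insensitive, that the all selector compares the whole Host header value including any port, and that the first matching rule wins; the Rule class, the helper names and the tighter two-rule variant are hypothetical.

```python
# Simplified model of one classification rule; added example, not BIG-IP code.
# Assumptions: ends-with is a plain string suffix comparison, matching is
# case-insensitive, the "all" selector compares the whole Host header value
# (including any ":port"), and the first matching rule wins.
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    condition: str    # "ends-with" or "equals"
    value: str        # string compared against the Host header
    application: str  # application attached by the pem/classify action

def rule_matches(rule, host_header):
    host = host_header.strip().lower()
    value = rule.value.lower()
    if rule.condition == "ends-with":
        return host.endswith(value)
    return host == value  # "equals"

def classify(rules, host_header):
    """Return the application of the first matching rule, else None."""
    for rule in rules:
        if rule_matches(rule, host_header):
            return rule.application
    return None

# The rule as entered in the procedure above.
AS_DOCUMENTED = [Rule("companyA", "ends-with", "companyA.com", "/common/companyA")]

# Hypothetical tighter variant: the bare domain, or any subdomain of it.
TIGHTER = [
    Rule("companyA-apex", "equals", "companyA.com", "/common/companyA"),
    Rule("companyA-sub", "ends-with", ".companyA.com", "/common/companyA"),
]

# Constructed Host header values used for the check.
SAMPLE_HOSTS = ["www.companyA.com", "companyA.com", "notcompanyA.com",
                "www.companyA.com:8080", "companyA.com.example.net"]

def report(rules):
    return {host: classify(rules, host) for host in SAMPLE_HOSTS}

if __name__ == "__main__":
    for label, rules in (("as documented", AS_DOCUMENTED), ("tighter", TIGHTER)):
        print(label, report(rules))
```

Under these assumptions the documented value also classifies an unrelated domain whose name merely ends in the same characters, while the variant with a leading dot does not.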