This implementation describes how to secure FTP traffic using a custom configuration. When you use an FTP security profile, the BIG-IP system inspects FTP traffic for network vulnerabilities. A default FTP security profile is included in the system that you can modify, or you can create a new one as described in the tasks included here. To activate security checks for FTP traffic, you enable protocol security in an FTP service profile, and associate the service profile with a virtual server.
You can customize an FTP security profile to generate alarms or block requests for the following FTP security risks:
|Alarm||The system logs any requests that trigger the violation.|
|Block||The system blocks any requests that trigger the violation.|
|Alarm and Block||The system both logs and blocks any requests that trigger the violation.|