Applies To:

Show Versions Show Versions

Manual Chapter: Upgrading HTTP Security Profiles to
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Customers who wish to upgrade from the BIG-IP® Protocol Security Module to BIG-IP® Application Security Manager can use the Migration Wizard to facilitate the upgrade process. The Migration Wizard converts an HTTP security profile in the Protocol Security Module configuration to a security policy for a web application in Application Security Manager. If you are not familiar with the features of Application Security Manager, we recommend you review this configuration guide before you perform the migration.
Important: The migration of an HTTP security profile in the Protocol Security Module configuration into a security policy associated with a web application in the Application Security Manager configuration cannot be reversed.
Once you have activated the license for the Application Security Manager, you can use the Migration wizard to convert any HTTP security profiles into a baseline security policy for the corresponding web application.
1.
On the Main tab of the navigation pane, in the Application Security section, click Security Profiles.
A new browser session opens, and displays Security Profiles screen, in the Application Security Configuration utility.
2.
On the Main tab of the Application Security navigation pane, in the Advanced Firewall section, click Migration.
The Virtual Servers Selection screen of the Migration Wizard opens.
When you start the Migration Wizard, the wizard automatically detects the virtual servers whose HTTP traffic profiles are associated with HTTP security profiles. As part of the migration, you create an application security class to replace the HTTP security profile. For detailed information on application security classes, refer to Chapter 3, Working with Application Security Classes.
1.
On the Virtual Servers Selection screen, for the Virtual Server setting, select the virtual server for which you want to create an application security class.
2.
For the Class setting, select one of the following options:
Create new
If you select this option, then type a name for the new application security class in the box, using only alphanumeric characters and the underscore character.
Use existing
If the virtual server already has one or more application security classes associated, you can select this option, and then select the application security class from the list.
3.
Click Next.
The Finish screen opens.
Complete migration
When you select this option, the Migration Wizard transforms the HTTP security profile into a rudimentary security policy. If you select this option, once the migrations is finished, we recommend that you use the Policy Builder to automatically build and refine the security policy. Refer to Chapter 7, Building a Security Policy Automatically with the Policy Builder for more information.
Continue enhancing policy using Policy Wizard
When you select this option, the Migration Wizard transforms the HTTP security profile into a security policy, and also starts the Security Policy Setup Wizard. For details on working with this wizard, refer to Chapter 6, Working with the Security Policy Setup Wizard.
Important: In the following procedure, once you click Next on the Finish screen, the Migration Wizard performs the action you specify, and cannot be undone.
1.
On the Finish screen, for the Final Policy Settings option, select the action that you want the Migration Wizard to take.
2.
Click Next.
The Migration Wizard performs the action you selected, and displays a summary screen once the conversion is complete.
3.
Click Finish.
The Web Application Properties screen opens, where you can define the web application properties, or start the Security Policy Setup Wizard.
Note: If you decide to use the Security Policy Setup Wizard, and you apply a security policy application template, the template overrides any settings that may have been imported by the Migration Wizard.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)