Applies To:

Show Versions Show Versions

Manual Chapter: Working with the Security Policy Setup Wizard
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

The Security Policy Setup wizard provides a quick and efficient way to create a new security policy for an existing web application in the Application Security Manager configuration. The Security Policy Setup wizard automates the fundamental tasks required to build a security policy. By using the wizard, you create a basic security policy. By changing the enforcement mode to blocking, you can use this security policy as is, to protect against the most common attacks.
As you navigate the wizard, the system provides default settings for each configuration option. For the easiest setup, F5 Networks recommends that you accept the default settings. Note that you can make any changes that are appropriate for your particular web application and application security requirements.
Note: If you are creating a security policy for a new, unconfigured web application, F5 Networks recommends that you use the Deployment wizard to set up the security policy. For more information on using the Deployment wizard, refer to the BIG-IP® Application Security Manager: Getting Started Guide.
1.
In the Application Security navigation pane, click Policies List.
The Security Policies screen opens.
2.
Above the Security Policies area, click the Create button.
The Security Policy Setup wizard starts, and the Configure Security Policy Properties screen opens.
Staging and tightening allow you to test web application entities for false positives without enforcing them. You can put entities such as parameters, file types, URLs, and attack signatures into staging. You can use tightening for wildcard entities. The security policy provides staging and tightening suggestions when requests do not meet the web application entity's settings. Application Security Manager does not send alerts or block that traffic, even if those requests trigger violations against the security policy.
1.
On the Configure Security Policy Properties screen, in the Security Policy Name box, type a unique name for the new security policy that you are creating with the Security Policy Setup wizard.
2.
From the Web Application list, select the web application to which this security policy applies.
3.
For the Application-Ready Security Policy setting, specify whether the security policy is based on one of the system-supplied templates.
4.
For the Dynamic Session ID in URL setting (available only if you selected None in step 3), specify how the security policy processes URLs that use dynamic sessions:
Disabled: Specifies that the security policy does not enforce dynamic sessions in URLs. This is the default
Default pattern: Specifies that the security policy uses a default regular expression to recognize dynamic sessions in URLs. The default pattern is (\/sap\([^)]+\)).
Custom pattern: Specifies a regular expression that the security policy uses to recognize dynamic sessions in URLs. Type a regular expression in the Value box and an optional description.
5.
For Staging-Tightening Period, type the number of days web application entities remain in staging or tightening before you add them to the policy. The default value is 7 days.
6.
Click Next.
If in step 3 you selected any application-ready security policy (except Rapid Deployment), the Policy Configuration Summary screen opens (skip to Confirming the security policy configuration). Otherwise, the Configure Attack Signatures screen opens.
Attack signatures represent known attack patterns. In this step, you create an attack signatures set based on the systems that are in your configuration. The system then assigns the set to the security policy, and applies those signatures to the requests for the associated web application. There is also a set of generic attack signatures that is automatically assigned to the security policy. In this step, you also configure whether the system activates signature staging. When signature staging is enabled, the system keeps track of how many times an attack signature detects an attack pattern, but does not activate blocking for that signature until the staging time has passed.
1.
On the Configure Attack Signatures screen, for the Systems setting, from the Available Systems list, select (by clicking) the systems that apply to your web application.
Tip: Hold the Ctrl key to select more than one system in the list.
3.
If you do not want the system to keep the signatures in the staging state, clear the Enable Signature Staging check box. Otherwise, leave the box checked, which is the default setting.
4.
Click Next.
The Configure Wildcard Tightening screen opens.
When you use the Security Policy Setup wizard to create a new security policy, the wizard automatically adds wildcard entities to the new security policy. By using wildcard entities, you can efficiently build a security policy without in-depth knowledge of the web application, and reduce the number of violations and false positives during the initial stages of building a security policy.
You can use tightening to refine the security policy to include explicit entities. When you enable tightening for an entity type (file types, URLs, or parameters), the system suggests new explicit entities that may be added to the security policy. The new explicit entities match the wildcard entities. If you configure tightening for parameters, the global wildcard parameter is added with Ignore value as the Parameter Value Type. By default, the system enables wildcard tightening for file types. For more information on wildcard entities and the tightening process, see Chapter 10, Working with Wildcard Entities.
1.
On the Configure Wildcards Tightening screen, check the box next to the entities (file types, URLs, or parameters) for which you want to enable for wildcard tightening.
2.
Click Next.
The Policy Configuration Summary screen opens.
In this screen of the wizard, you verify the settings for the new security policy that you have selected using the Security Policy Setup wizard.
2.
To change any of the settings, click the Back button to return to the appropriate screen of the Security Policy Setup wizard.
Note: Each time you click the Back button, the Configuration utility goes back one screen in the wizard. You may need to click the Back button on several screens to return to the step for which you want to make changes.
3.
If you are satisfied with the security policy configuration, click the Finish button.
The system saves the changes you have made.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)