Applies To:

Show Versions Show Versions

Manual Chapter: Creating a Security Policy Using Rapid Deployment
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

The Rapid Deployment security policy includes security checks that minimize the number of false positive alarms and reduce the complexity and length of the initial evaluation deployment period. You select the Manual Deployment scenario in the Application Security Manager Deployment wizard to use the Rapid Deployment security policy. By default, the Rapid Deployment security policy does the following:
With the Rapid Deployment security policy, your organization can quickly meet the majority of web application security requirements. For additional information about the Rapid Deployment security policy, see the Working with the Application-Ready Security Policies appendix, in the Configuration Guide for BIG-IP® Application Security Manager.
Important: The procedures in this deployment start after you have configured the network settings that are appropriate for your environment. Refer to Chapter 2, Performing Basic Configuration Tasks, if you have not yet configured network connectivity.
The Deployment wizard guides you through the tasks required to create a security policy. When you start the Deployment wizard, you select a deployment scenario. Each deployment scenario includes preset configuration options. The configuration options are tailored to address the needs of the environment or application for which you are creating a security policy. In this case, you are creating a basic security policy as a starting point.
1.
On the Main tab of the navigation pane, in the Application Security section, click Web Applications.
The Web Applications screen opens in a new browser session.
2.
In the Name column, click the web application name that matches the application security class name that you created in Defining an application security class.
The Select Deployment Scenario screen opens.
3.
For Deployment Scenario, select Manual Deployment.
4.
Click the Next button.
The Configure Security Policy Properties screen opens.
In this step of the wizard, you configure the properties of the security policy, including the security policy name and the application language. You also select the rapid deployment security policy template.
1.
On the Configure Security Policy Properties screen, for the Security Policy Name setting, change the default name as needed.
2.
For the Application Language setting, select the specific language encoding from the list that corresponds to the web application encoding.
3.
For the Application-Ready Security Policy setting, if the web application uses SSL, select Rapid Deployment security policy (https). Otherwise, use Rapid Deployment security policy (http).
4.
Click Next.
The Configure Attack Signatures screen opens.
Attack signatures represent known attack patterns that the system can check for. In this step of the wizard, you create an attack signature set for the security policy. By default, a set of generic attack signatures is included in every policy. You can add attack signatures depending on the systems in your networking configuration.
This step also puts the attack signatures in staging. Staging means that the system applies the attack signatures to the web application traffic, but does not block traffic during the staging period (even if traffic matches a signature that is supposed to be blocked). The system tracks the number of incidents that occur for each attack signature and provides learning suggestions.
At the end of the staging period (seven days, by default), you can review the attack signatures on the Traffic Learning screen (Application Security >> Manual >> Traffic Learning). You can click Enforce Signatures to remove from staging all signatures that were not hit during the staging period, and start enforcing them. Only signatures that had hits are left on the screen, and you can investigate them to see if they are false positives or if they indicate actual attacks.
Note: For more information on attack signatures and signature staging, refer to the Working with Attack Signatures chapter in the Configuration Guide for BIG-IP® Application Security Manager.
1.
On the Configure Attack Signatures screen, for the Systems setting, from the Available Systems list, select the systems that apply to your web application.
Tip: Hold the Ctrl key to select more than one system in the list.
3.
Click Next.
The Policy Configuration Summary screen opens, where you can verify the configuration.
4.
Click Finish.
The system creates the security policy with the preconfigured settings, and activates the security policy.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)