Applies To:

Show Versions Show Versions

Manual Chapter: Introducing the BIG-IP Protocol Security Module
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

The BIG-IP® Protocol Security Module provides advanced protocol security, and ensures compliance for common internet protocols. The Protocol Security Module protects your web servers and FTP servers, masks sensitive data, blocks spam, and includes the following features:
Protocol-layer security for common network protocols
The Protocol Security Module performs security checks and validation for the HTTP, HTTPS, FTP, and SMTP protocols.
Out-of-the-box protection
Preconfigured HTTP, FTP, and SMTP profiles are immediately usable, and provide the flexibility so you can adjust security settings for your environment.
Simplified management
The browser-based Configuration utility provides network device configuration, centralized defense configuration management, and easy-to-read summary reports.
Integration with BIG-IP system
Built on F5 Networks TMOS® architecture, the Protocol Security Module is integrated with the BIG-IP® Local Traffic Manager, guaranteeing the delivery of secure application traffic.
Fully upgradable to BIG-IP Application Security Manager
If you decide you want comprehensive protection for web applications, you can use the built-in migration tool to upgrade the system configuration from Protocol Security Module to the Application Security Manager.
The Configuration utility is the browser-based graphical user interface for administering the entire BIG-IP system, including provisioned modules such as the Protocol Security Module. You can work from any computer that is connected to the management network and can run a web browser. For a list of supported browsers, refer to the current release notes on the AskF5SM web site,
The Protocol Security Configuration utility is the user interface for the Protocol Security Module. When you click an option in the Protocol Security section of the main browser (or, if you have the Application Security Manager, click Security Profiles), the system opens a second browser that contains only protocol security options.
You use both browsers to configure the Protocol Security Module. For clarity, this document refers to the navigation pane of the BIG-IP Configuration utility as simply the navigation pane. The procedures in this guide refer to the navigation pane of the Protocol Security Configuration utility as the Protocol Security navigation pane.
Secure FTP traffic
The FTP security profile defines security checks for FTP traffic. For details, see Chapter 2, Configuring Security for FTP Traffic.
Secure HTTP traffic
The HTTP security profile defines security checks for HTTP traffic. For details, see Chapter 3, Configuring Security for HTTP Traffic.
Secure SMTP traffic
The SMTP security profile defines security checks for SMTP traffic. For details, see Chapter 4, Configuring Security for SMTP Traffic.
Configure remote logging
For users who want to retain more log data, you can configure the system to store log messages on a remote server. For information on setting up remote logging, see Chapter 5, Monitoring and Remote Logging.
Configure internal parameters
For advanced users only. You can adjust the default values of the internal parameters. See Chapter 6, Reviewing Internal Parameters.
Review violation statistics and traffic reports
The Protocol Security Module provides violation data and traffic reports for the security profiles in Appendix A, Security Profile Violations.
For detailed information on configuring local traffic objects, required when setting up Protocol Security, refer to the Configuration Guide for BIG-IP® Local Traffic Manager, which is available in the AskF5SM Knowledge Base,
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?

NOTE: Please do not provide personal information.

Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)