Applies To:

Show Versions Show Versions

Manual Chapter: System Configuration Options
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

The BIG-IP® Protocol Security Module has some system configuration options that include configuring remote logging, and modifying internal parameters.
Remote logging
When you configure remote logging, rather than store violation data and traffic statistics for the security profiles in the system memory, you store the data on an external logging server. For more information, refer to Configuring remote logging.
Internal parameters
The internal parameters control system functionality. In almost all cases, there is no need to change the internal parameters from their default setting. For a description of the internal parameters, refer to Overview of internal parameters.
The remote logging format is based on the Syslog utility. When you configure remote logging, the system stores violation data and traffic statistics for the associated security profile off the system. You can then use a remote management system to view the log files. Using remote logging allows you to retain more information generated by the security profiles, since the default logging is in system memory.
Important: Remote logging relies on external systems to perform the actual logging. The configuration and maintenance of the external logging servers is not the responsibility of F5 Networks.
1.
On the Main tab of the Application Security navigation pane, click Options.
The Advanced Configuration screen opens.
2.
On the menu bar, click Remote Logging.
The Remote Logging Configuration screen opens.
3.
For the Protocol setting, select the protocol that the remote storage server uses.
4.
For the Server IP setting, type the IP address for the remote storage server.
5.
For the Server Port setting, type a port number or use the default value, 514.
6.
For the Facility setting, select the Syslog facility filter that you want to associate with this request data.
7.
Click Save.
The system saves any changes you may have made.
The Protocol Security Module has several internal parameters that control how the product functions. In almost all cases, there is no need to change the internal parameters from their default setting. Table 5.1 lists the internal parameters, their default value, and a description of their purpose.
This parameter defines a maximum URI length that the Security Enforcer can support in its internal buffers. If this number is higher than the URI length defined per file type, then this number is the limit. If this number is higher than the file type limit, then the file type limit sets the maximum URI length.
This parameter specifies the maximum number of concurrent sessions that the Security Enforcer can handle.
This parameter defines the maximum size of responses retained by the system.
This parameter specifies the maximum number of concurrent long requests that the Security Enforcer can handle. A long request is a request longer than request_buffer_size and less than long_request_buffer_size.
This parameter specifies the common request length supported by the Security Enforcer.
This parameter specifies the maximum buffer size for a single instance of the accumulated response buffers. The system accumulates response buffers until their total size reaches the max_filtered_html_length.
This parameter specifies the maximum memory size (in bytes) available for the Security Enforcers memory pools.
This parameter specifies how the system distinguishes between HTTP and HTTPS objects.
If the value is -1, the system decides whether the object requested is an HTTP request or an HTTPS request based on the incoming traffic.
If the value is 0, the system treats all incoming object requests as HTTP requests.
If the value is 1, the system treats all incoming object requests as HTTPS requests.
This parameter specifies the maximum number of concurrent FTP connections that the Protocol Security Module can manage.
This parameter specifies the maximum number of concurrent SMTP connections that the Protocol Security Module can manage.
This parameter specifies the maximum number of violation entries per violation type kept in memory. Note that this parameter applies only to the Protocol Security Module security profiles.
This parameter specifies, when the value is greater than zero (0), the number of threads that the Security Enforcer uses. When the value is zero, the number of CPUs in the system determines the number of thread that the Security Enforcer uses.
On the Main tab of the Application Security navigation pane, click Options.
The Advanced Configuration screen opens, where you can review the settings for the internal parameters.
Important: We recommend that you change the values for the internal parameters only with the guidance of the technical support staff.
If you change any of the parameter values for the internal parameters, it is easy to restore the default settings for those values.
1.
On the Main tab of the Application Security navigation pane, click Options.
The Advanced Configuration screen opens.
2.
Above (or below) the Advanced Configuration area, click the Restore Defaults button.
The system resets any changed parameter values to their factory settings.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)