Applies To:

Show Versions Show Versions

Manual Chapter: Introducing the BIG-IP Protocol Security Module
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

The BIG-IP® Protocol Security Module provides advanced protocol security, and ensures compliance for common internet protocols. The Protocol Security Module protects your web servers and FTP servers, masks sensitive data, blocks spam, and includes the following features:
Protocol-layer security for common network protocols
The Protocol Security Module performs security checks and validation for the HTTP, HTTPS, FTP, and SMTP protocols.
Out-of-the-box protection
Preconfigured HTTP, FTP, and SMTP profiles are immediately usable, and provide the flexibility so you can adjust security settings for your environment.
Simplified management
The browser-based Configuration utility provides network device configuration, centralized defense configuration management, and easy-to-read summary reports.
Integration with BIG-IP system
Built on F5 Networks TMOS® architecture, the Protocol Security Module is integrated with the BIG-IP® Local Traffic Manager, guaranteeing the delivery of secure application traffic.
Fully upgradable to BIG-IP Application Security Manager
If you decide you want comprehensive protection for web applications, you can use the built-in migration tool to upgrade the system configuration from Protocol Security Module to the Application Security Manager.
The Configuration utility is the browser-based graphical user interface for administering the entire BIG-IP system, including provisioned modules such as the Protocol Security Module. You can work from any computer that is connected to the management network and can run a web browser. For a list of supported browsers, refer to the current release notes on the AskF5SM web site, https://support.f5.com.
This guide is written with the assumption that you have installed the BIG-IP® system, and have licensed and provisioned the Protocol Security Module on the system. (You also have complete access to Protocol Security Module if you have licensed and provisioned Application Security Manager.) Refer to the BIG-IP® Systems: Getting Started Guide if you need more information on these tasks.
Secure FTP traffic
The FTP security profile defines security checks for FTP traffic. For details, see Chapter 2, Configuring Security for FTP Traffic.
Secure HTTP traffic
The HTTP security profile defines security checks for HTTP traffic. For details, see Chapter 3, Configuring Security for HTTP Traffic.
Secure SMTP traffic
The SMTP security profile defines security checks for SMTP traffic. For details, see Chapter 4, Configuring Security for SMTP Traffic.
Configure remote logging
For users who want to retain more log data, you can configure the system to store log messages on a remote server. For information on setting up remote logging, see Chapter 5, Configuring Monitoring, Remote Logging, and User Preferences.
Review violation statistics and traffic reports
The Protocol Security Module provides violation data and traffic reports for the security profiles in Appendix A, Security Profile Violations.
Configure internal parameters
For advanced users only. You can adjust the default values of the internal parameters. See Appendix B, .
For detailed information on configuring local traffic objects, required when setting up Protocol Security, refer to the Configuration Guide for BIG-IP® Local Traffic Manager, which is available in the AskF5SM Knowledge Base, https://support.f5.com.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)