BIG-IQ ASM enables enterprise-wide management and configuration of multiple BIG-IP devices from a central management platform. You can centrally manage BIG-IP devices and security policies, and import policies from files on those devices.
For each device discovered, an additional virtual server is created to hold all security policies that are not related to any virtual server on the device. To deploy a policy to a device, the policy must be attached to one of the device's virtual servers. Policies can be deployed to a device that already has the policy by overwriting it. If the policy does not yet exist on the device, you have the option to deploy it as a new policy attached to an available virtual server or as an inactive policy.
From this central management platform, you can perform the following actions through a REST API:
Different users have different responsibilities. Therefore, system administrators need a way to differentiate between users to limit user privileges based on those responsibilities.
To assist administrators with this, the BIG-IQ ASM module provides these default roles:
Roles persist and are available after a BIG-IQ system failover. You can associate multiple roles with a given user.
BIG-IQ Application Security Manager(ASM) provides these default users:
Users persist and are available after a BIG-IQ system failover.
|User name||Enter the user's login name.|
|Full Name||Enter the user's actual name. This field can contain a combination of symbols, letters (upper and lowercase), numbers and spaces.|
|Password||Enter the password for this user.|
|Confirm Password||Retype the password.|