F5 Logo MyF5
Search
  1. MyF5 Home
  2. Knowledge Centers
  3. BIG-IQ Security
  4. BIG-IQ ASM: Administration
  5. Security Policies
Manual Chapter : Security Policies

Applies To:

Show Versions Show Versions

BIG-IQ Security

  • 4.2.0
Manual Chapter
Table of Contents | << Previous Chapter | Next Chapter >>

About viewing ASM security policies

To view security policies that BIG-IQ Application Security Manager (ASM) has imported from discovered BIG-IP devices, navigate to the Policies panel. Each policy is assigned a unique identifier that it carries across the enterprise. This ensures that each policy is shown only once in the Policies panel no matter how many devices it exists in.

In the BIG-IQ ASM repository, policies are in XML format.

Displaying security policy properties

With BIG-IQ ASM, you can easily view the properties of individual security policies.
  1. Navigate to the Policies panel.
  2. Hover in the banner for the specific policy, and click the gear icon to display the expanded panel containing properties and actions.

Policy properties

Policy properties are read-only and displayed for informational purposes only.

Property Description
Name Name of the policy.
Full Path Full path, including partition, to the policy on the BIG-IP device.
Description Optional description for the policy.
Last Updated At FQDN for the BIG-IP device where the policy was last updated.
Last Updated Time Time the policy was last updated in YYYY-MM-DDTHH:MM:SSZ format. Example: 2013-11-14T16:16:03Z.
Last Policy Name Policy name, including partition.
Source Device FQDN and self IP address for the BIG-IP device where the policy is located.

Reimporting security policies

If security policies fall out of sync between BIG-IQ ASM and the policy sources on managed BIG-IP devices, you can reimport policies to bring them back into sync.
  1. Navigate to the Policies panel.
  2. Hover in the banner for the policy you want to reimport, and click the gear icon to display the expanded panel containing properties and actions.
  3. Click the Reimport from Device button to the right of the Source Device field.

    This action is not available if the policy source is a file. In such cases, click Change Source to change the Source Device field to list devices containing the specified policy.

Exporting ASM security policies

Use BIG-IQ ASM to export security policies (download the policy XML file) from the module to an application or to a user-designated location.
  1. Navigate to the Policies panel.
  2. Hover in the banner for the policy you want to export, and click the gear icon to display the expanded panel containing properties and actions.
  3. Click the Export button at the top of the panel.
  4. In the dialog box, select either Open with and select an application from the drop-down menu, or Save File and provide a location.
  5. Click Save.

Removing ASM security policies

BIG-IQ ASM provides a way to remove security policies from the BIG-IQ database.
  1. Navigate to the Policies panel.
  2. Hover in the banner for the policy you want to remove, and click the gear icon to display the expanded panel containing properties and actions.
  3. Click the Remove button at the top of the expanded panel. After removal, you will not receive a confirmation dialog box.
Security policies are removed from the BIG-IQ system and security policies can be managed locally.
Table of Contents | << Previous Chapter | Next Chapter >>
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5 Networks, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information