Applies To:

Show Versions Show Versions

Manual Chapter: Customizing Settings
Manual Chapter
Table of Contents   |   << Previous Chapter

Overview: Customizing settings

After you activate the license, complete the initial setup, and specify your network configuration options, you can customize settings for other Enterprise Manager™ features.

About refreshing device configurations

To ensure that the stored configuration for each managed device is up-to-date, Enterprise Manager compares it with the device's current configuration at regular intervals. If a configuration change has occurred, Enterprise Manager updates the stored configuration with those changes.

Changing the device refresh interval

By default, Enterprise Manager contacts its managed devices to check for configuration changes once every 60 minutes. You can reduce the amount of management traffic by increasing this interval or you can more closely monitor the state of devices by decreasing the interval.

Tip: You can refresh device information immediately at any time, by selecting devices and clicking the Update Status button on the Device list screen or on the General Properties screen of a specific device.
  1. On the Main tab, click Enterprise Management > Options > Devices > Communications.
  2. In the Refresh Interval field, type an interval value to specify the number of minutes that Enterprise Manager waits before requesting new information from each managed devices. This interval is superseded if a configuration change prompts an automatic refresh before the interval is reached, unless the Send Event Notifications to EM setting is disabled.
  3. Select Disable for the setting in these circumstances:
    Setting Disable this option if:
    Contact F5 During Refresh Enterprise Manager is behind a firewall and cannot contact F5 licensing servers for updated license information
    Send Event Notifications to EM You want to reduce management traffic and refresh only at the interval defined in the Refresh Interval field
    Check Connectivity From Device to EM There is a firewall between Enterprise Manager and the managed device, and communication is only allowed unilaterally from Enterprise Manager to the device
  4. Click Save Changes.

About UCS archive storage

The configuration details of managed devices (including Enterprise Manager itself) are contained in a compressed user configuration set (UCS) file with the extension of .ucs. This file contains all of the information required to restore a device's configuration, and consists of these elements:

  • System-specific configuration files
  • License
  • User account and password information
  • DNS zone files
  • NameSurfer configuration
  • SSL certificates and keys

Enterprise Manager saves UCS files to a UCS archive. You can create a task to save UCS archives for devices at regularly scheduled intervals. Archives that are created and saved on a schedule are called, rotating archives. When the system creates rotating archives, it compares the most recently stored UCS archive file to the current configuration on the device at the specified interval. If there are any differences, Enterprise Manager stores a copy of the current configuration in a UCS archive. If there are no differences, Enterprise Manager does not store an additional copy of the current configuration, which leaves you room to store a higher number of unique historical UCS archives. When Enterprise Manager reaches the maximum number of archives specified to store, it deletes the oldest archive in the rotating archive list. By default, Enterprise Manager stores up to 10 rotating archives each, for itself and every managed device.

Another option for archive storage is to create an archive of a specific UCS for a device, referred to as a pinning an archive. Enterprise Manager also creates a pinned archive of a device's current configuration before it installs new software. Pinned archives are stored until you delete them.

Creating a rotating UCS archive schedule

A device must be listed on the Device List screen before you can create a rotating archive schedule for it.
It is best practice to create a rotating archive schedule for each device in your network so that you always have a copy of a recent configuration. The UCS archive provides your network with added stability in the event that a configuration change results in a need for a system restore. You can create a customized schedule for a specific device, or create several schedules and assign any number of devices to each schedule.
  1. On the Main tab, click Enterprise Management > Tasks > Schedules > Archive Collection. The Archive Collection screen opens.
  2. Click the Create button. The New Scheduled Task screen opens.
  3. In the Archive File Name field, type a name for the rotating archive schedule.
  4. From the Check for Changes list, select the frequency that you want Enterprise Manager to check for configuration changes. Depending on your selection, the screen refreshes to display associated options.
  5. Click Finished to save the settings.
The Archive Collection list screen opens and the new rotating archive schedule appears in the list. If a device in the Assigned list changes its configuration during the interval you specified, Enterprise Manager creates an archive of the device's configuration and adds it to the rotating archives on the Archives Collection screen.

Changing private key archive settings

When Enterprise Manager™ creates a UCS archive, it stores the private keys in the archive by default. If you would prefer not to have the system store the private keys in the UCS archive, you can change this default behavior.
Important: If you choose not to have Enterprise Manager™ store the private keys in the UCS archive, you must manually restore the keys if you restore the archive.
  1. On the Main tab, click Enterprise Management > Options > Certificates > SSL Private Keys.
  2. From the Private Keys in Archives list, select an option:
    Option Description
    Include Select this option if you want the system to store private key data when it creates a configuration archive. This is the default setting.
    Exclude Select this option if you do not want the system to store private key data when it creates a configuration archive. Note that if you select this option, you must manually restore the keys if you restore the archive.
  3. Click Save Changes.

About the startup screen

Each time you log in to Enterprise Manager™ a startup screen displays. By default, the startup screen is the Welcome screen, but you have the option to change this screen if you find an alternative screen more useful.

Changing the default startup screen

You can customize your system to display a specific screen upon startup.

  1. On the Main tab, click System > Preferences.
  2. From the Start Screen list, select the default screen that you want displayed at startup.
Default startup screen options

You can use this table to determine which screens are most relevant to your needs.

Default startup screen option Description To access
Welcome Contains links to setup, support, plug-ins, and additional downloads. Click Overview and Welcome.
Performance Displays statistics related to the Enterprise Manager system performance. Click Overview and Performance.
Device List Displays a list of all of the devices you are managing with Enterprise Manager. Click Enterprise Management and Devices.
Task List Displays a list of running and completed tasks. Click Enterprise Management and Tasks.
Custom Lists Displays a customizable list of objects. Click Enterprise Management and Custom Lists.

About proxy servers for Enterprise Manager

If you do not want to expose the IP address of the Enterprise Manager system or devices, you can use a proxy server specific to the type of communication.

Proxy server Description
Internet proxy server For outbound communication from the EM to F5 Networks for download licensing information, support information, and Application Security Manager attack signature files
Device proxy server For communication between Enterprise Manager and managed devices in your network
iControl proxy server For inbound communication to managed devices, required for authentication, pass-through, and device inventory
SMTP proxy server For alert email notification

You can configure Enterprise Manager to use a single proxy for SSL and FTP connections, or to use a unique proxy for each protocol.

Specifying a device proxy server for communication between Enterprise Manager and devices

By default, Enterprise Manager™ communicates with devices through HTTPS. You have the option to specify a proxy server for communication between Enterprise Manager and your network devices.
  1. On the Main tab, click Enterprise Management > Options > Servers.
  2. In the Device Proxy Server area, select the Use Proxy check box. The screen refreshes, displaying additional options.
  3. In the EM-side SSL Proxy Address field, type the SSL proxy server address that you want to use for Enterprise Manager.
  4. If you want to use the same SSL proxy address for the device side, select the Also use this proxy address for the device-side connections check box.
  5. To specify a separate device-side SSL proxy address, clear the Also use this proxy address for the device-side connections check box and type an IP address in the Device-side SSL Proxy Address field.
  6. Click Save Changes.

Specifying a proxy for iControl communication

When you specify an iControl proxy, Enterprise Manager acts as a proxy to support authentication, pass-through, and device inventory using iControl
  1. On the Main tab, click Enterprise Management > Options > Servers.
  2. In the iControl Proxy area, select the Use Proxy check box.
  3. Click the Save Changes button.

Creating an SMTP server configuration

Specify the SMTP server details so that you can configure SMTP email notification.
  1. On the Main tab, click System > Configuration > Device > SMTP.
  2. Click the Create button. The New SMTP Configuration screen opens.
  3. In the Name field, type a name for the SMTP server that you are creating.
  4. In the SMTP Server Host Name field, type the fully qualified domain name for the SMTP server host.
  5. In the SMTP Server Port Number field, type a port number. For no encryption or TLS encryption, the default is 25. For SSL encryption, the default is 465.
  6. In the Local Host Name field, type the host name used in the SMTP headers in the form of a fully qualified domain name. This host name is not the same as the BIG-IP system's host name.
  7. In the From Address field, type the email address that you want displayed as the reply-to address for the email.
  8. From the Encrypted Connection list, select the encryption level required for the SMTP server.
  9. To require that the SMTP server validates users before allowing them to send email, select the Use Authentication check box and type the user name and password required to validate the user.
  10. Click the Finish button.
You can now configure the system to use this SMTP server to send emails.

Specifying a proxy server for downloading files and information

When you specify an Internet proxy, Enterprise Manager™ uses that proxy for tasks configured through its task wizards, such as the Licensing wizard.

For example, if you create a task to update the licensing information for a device, Enterprise Manager sends the licensing information through the specified proxy. Conversely, if instead of using the Licensing wizard, you select License option from the System menu on the Main tab to update the licensing information for a device, Enterprise Manager does not send the licensing information through the configured proxy.

  1. On the Main tab, click Enterprise Management > Options > Servers.
  2. On the menu bar, click Options.
  3. In the Internet Proxy Server area, select the Use Proxy check box. The screen refreshes, displaying additional options.
  4. In the SSL Proxy Address field, type the address of the SSL proxy server.
  5. If you want to use the same SSL proxy address for FTP connections, select the Always use this proxy address for the FTP protocol check box.
  6. To specify a separate SSL proxy for FTP connections, clear the Always use this proxy address for the FTP protocol check box and type an IP address in the FTP Proxy Address field.
  7. Click Save Changes.
Table of Contents   |   << Previous Chapter

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)