You can use Enterprise Manager to easily create and deploy security policies, logging profiles, and IP address exception lists to a large set of BIG-IP Application Security Manager devices.
At the core of Application Security Manager are customized security policies that are tailored to your network environment based on settings that you specify. Instead of logging in to each Application Security Manager device to administer these security policies, you can use Enterprise Manager to import, export, and deploy security policies from one central location.
You can deploy a security policy to one or more managed BIG-IP Application Security Manager devices, without having to log in to each of those devices individually.
Attack signatures are the foundation of the BIG-IP Application Security Manager system's negative security logic. Attack signatures are rules or patterns that identify attacks, or classes of attacks, on a web application and its components. Enterprise Manager can help you easily manage attack signatures for managed Application Security Manager devices by helping you easily obtain and deploy them to your managed BIG-IP Application Security Manager devices.
You can create a schedule for Enterprise Manager to check for, and download, newly updated attack signature definitions for images stored in the image repository. This feature helps you avoid performing unnecessary and potentially frequent manual checks for updated attack signature files.
An attack signature file must be downloaded (automatically by Enterprise Manager or manually) before you can install it on a managed BIG-IP Application Security Manager device. Before installation, verify that the attack signature is the most recent version available.
Enterprise Manager manages BIG-IP Application Security Manager logs through logging profiles. A logging profile determines where events are logged, and which items (such as which parts of requests, or which type of errors) are logged.
You can create a logging profile that stores logs locally on the managed device, or you can configure the managed device to forward log messages to a remote server.
IP address lists contain specified IP addresses that you have deemed as trusted. Managed BIG-IP Application Security Manager devices do not generate Policy Builder learning suggestions for traffic sent from these IP addresses, which reduces unnecessary traffic.
You can use Enterprise Manager to view reports for managed BIG-IP Application Security Manager devices that are provisioned for Application Visibility and Reporting (AVR).
Analytics reports provide detailed metrics about application performance such as transactions per second, server and client latency, request and response throughput, and sessions. Metrics are provided for applications, virtual servers, pool members, URLs, specific countries, and additional detailed statistics about application traffic running through one or more managed devices. You can view the analytics reports for a single device, view aggregated reports for a group of devices, and create custom lists to view analytics for only specified devices. In this way, Enterprise Manager provides centralized analytics reporting.
|Devices||Specifies a managed device or a list of managed devices for which you want to display statistics.|
|View all traffic by||Specifies type of data to view, and provides an optional filter so you can display more information.|
|Date range||Specifies the time period for which to display statistics (last hour, day, week, month).|
|Data visualization||Specifies how to format the data (details table, or line, pie, or bar chart).|
|Available measurements||Specifies up to six measurements to display in Details tables. Line, pie, or bar charts display only the first measurement.|
|Select this option||To see these application statistics|
|Overview||Top statistical information about traffic on your system or managed systems, such as the top virtual servers, top URLs accessed, and top applications. You can customize the information that is displayed.|
|Transactions||The HTTP transaction rate (transactions per second) passing through the web applications, and the number of transactions to and from the web applications.|
|Latency > Server Latency||The number of milliseconds it takes from the time a request arrives at the virtual server until a response arrives at the virtual server.|
|Latency > Page Load Time||The number of milliseconds it takes for a web page to fully load on a client browser, from the time the user clicks a link or enters a web address until the web page displays in its entirety.|
|Throughput > Request Throughput||HTTP request throughput in bits per second.|
|Throughput > Response Throughput||HTTP response throughput in bits per second.|
|Sessions > New Sessions||The number of transactions that open new sessions, in sessions per second.|
|Sessions > Concurrent Sessions||The total number of open and active sessions at a given time, until they time out.|