What’s that?  No sadly enough, I didn’t set a new land speed record in my Jeep.  Of course that’s not from a lack of trying!  So what exactly do I mean when I say from 0 to 4100?  Well I am referring to the BIG-IP 4100 Application Security Manager.  We have a standalone BIG-IP 4100 at work and I have recently had the opportunity to help integrate it into our network.  In the last two weeks I have gone from knowing 0 about it, to having it up and running on production traffic… hence the title “0 to 4100..”.

For those not familiar with the BIG-IP ASM™ 4100, it is an application firewall that has no equal.  It can be easily configured to protect your enterprise applications from a wide variety of attacks and help you meet key regulatory mandates like PCI DSS, HIPPA and SOX.  With the rapid rise of SQL Injection, buffer overflow and XML attacks, having one of these bad boys to protect your network is essential.

I have personally built numerous security policies and I used the deployment guide “Implementing a Security Policy for a Production Web Site or Application” as a guidance tool.  It can be downloaded off of the official F5® website at:

www.f5.com/pdf/deployment-guides/implementing-security-policy-dg.pdf

The deployment guide does an outstanding job of explaining how to setup a security policy and apply it to a production system without having a negative impact on traffic.  That’s a must in the environment that I work in and I am sure that holds true in yours as well.

Having created a few policies on my own I have learned a trick or two about the process and I will share those with you over my next few postings.  I will be covering how to customize your security policies, what exactly the processes associated with the ASM™ module do and go into detail about a load balancing trick that I learned from a wise man.  Below is a picture I took of the Web Applications screen after the initial configuration of a few policies while they were still being run in Transparent mode.  I should have those postings up over the next few days so stay tuned for more!

4100_PolicyScreen

Share

No Comment.

Add Your Comment