SIRP

BIG-IP Local Traffic Manager (LTM) and BIG-IP DNS handle your application traffic and secure your infrastructure. You'll get built-in security, traffic management, and performance application services, whether your applications live in a private data center or in the cloud.

In SIRP, Application Service Manager (F5 Big-IP) allows you to execute the following actions:

Navigate to the Security section &gt; Guided configuration

Select API Security Protection &gt; Rest API Security

Click Next at the bottom of the page

Set Enforcement mode to Blocking then Save &amp; next

Select Default REST API Endpoint Protection then Save &amp; Next

Leave virtual server properties blank &amp; Save &amp; Next

- Access F5 Big IP via a web browser
- Navigate to the Security section &gt; Guided configuration
- Select API Security Protection &gt; Rest API Security
- Click Next at the bottom of the page
- Set the Security Policy name
- Set Enforcement mode to Blocking then Save &amp; next
 
 
 
- Select Default REST API Endpoint Protection then Save &amp; Next
 
 
 
- Leave virtual server properties blank &amp; Save &amp; Next
- Deploy

Now login to SIRP, and enable the app Application Security Manager in the apps section.

Now click configure and add the following details and click Save:

- Configuration Name: &lt;Enter configuration of choice
- URL: &lt;Enter URL of ASM&gt;
- Username: &lt;Login credentials used to log into F5&gt;
- Password: &lt;Login credentials used to log into F5&gt;
- Policy_name: &lt;Security policy name set when configuring REST API&gt;

Give the Policy name (same policy name that has already been created earlier on the web interface of F5 Big-IP) then click save.

- Now click configure and add the following details and click Save:
 - Configuration Name: &lt;Enter configuration of choice
 - URL: &lt;Enter URL of ASM&gt;
 - Username: &lt;Login credentials used to log into F5&gt;
 - Password: &lt;Login credentials used to log into F5&gt;
 - Policy_name: &lt;Security policy name set when configuring REST API&gt;
- Give the Policy name (same policy name that has already been created earlier on the web interface of F5 Big-IP) then click save.

Now you will be able to perform all supported actions from SIRP.

F5 Application Security Manager viewing the Entries

<a href="#_Toc121222915">1.</a><a href="#_Toc121222915"> For Viewing the IP entries. 1</a>

<a href="#_Toc121222916">1.</a><a href="#_Toc121222916"> For Viewing the URL entries. 2</a>

<a href="#_Toc121222917">2.</a><a href="#_Toc121222917"> For Viewing the Host names entries. 3</a>

These entries are pushed into F5 Application Security Manager by SIRP through the rest API’s these profiles need to tag in block policies for blocking actions to be performed

<a href="" rel="nofollow noopener noreferrer" target="_blank">1. For Viewing the IP entries</a>

<a href="https://192.168.1.21/xui/" rel="nofollow noopener noreferrer" target="_blank">Security</a> ›› <a href="https://192.168.1.21/dms/asm/policies" rel="nofollow noopener noreferrer" target="_blank">Application Security : Security Policies : Policies List</a> ›› SIRP_access_policy

<a href="" rel="nofollow noopener noreferrer" target="_blank">1. For Viewing the URL entries</a>

<a href="https://192.168.1.21/xui/" rel="nofollow noopener noreferrer" target="_blank">Security</a> ›› <a href="https://192.168.1.21/dms/policy/pl_objects.php" rel="nofollow noopener noreferrer" target="_blank">Application Security : URLs : Allowed URLs : Allowed HTTP URLs</a>

<a href="" rel="nofollow noopener noreferrer" target="_blank">2. For Viewing the Host names entries</a>

<a href="https://192.168.1.21/xui/" rel="nofollow noopener noreferrer" target="_blank">Security</a> ›› <a href="https://192.168.1.21/dms/policy/pl_host_names.php" rel="nofollow noopener noreferrer" target="_blank">Application Security : Headers : Host Names</a>

S.no	Action	Description
1	PUSH HOSTNAME TO POLICY	Push Hostname to the policy on F5 Big IP for blocking
2	PUSH URL TO POLICY	Push URL to the policy on F5 Big IP for blocking
3	PUSH IP TO POLICY	Push IP to the policy on F5 Big IP for blocking
4	REMOVE HOSTNAME FROM POLICY	Remove Hostname to the policy on F5 Big IP for blocking
5	REMOVE URL FROM POLICY	Remove URL to the policy on F5 Big IP for blocking
6	REMOVE IP FROM POLICY	Remove IP to the policy on F5 Big IP for blocking
7	LIST POLICIES	List all policies that have been created for API-based actions
8	GET POLICY PARAMETERS	Gets all the parameters that have set in the policy

About F5 Big-IP

Supported Actions

Enable and Configure the Big IP ASM App

Configure The SIRP App

F5 Application Security Manager viewing the Entries

1. For Viewing the IP entries

1. For Viewing the URL entries

2. For Viewing the Host names entries