Manual Chapter :
Configuring APM for
Application Filtering
Applies To:
Show VersionsBIG-IP APM
- 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0
Configuring APM for
Application Filtering
About application
families
Access Policy Manager (APM) supports a predefined set of application families and
applications. An
application family
name characterizes the
type of applications associated with it. Users cannot add applications or application families to
APM. About application
filters
An
application filter
specifies the
applications (and application families) that Access Policy Manager (APM) supports and a filtering
action (allow or block) for each application. An application filter can be used in a per-request
policy in a supported APM configuration to control access to supported applications.APM provides predefined application filters: block-all, allow-all, and
default. The default application filter allows access to some application families and blocks
access to others. Users can define their own application filters and use those that APM provides.
Overview: Configuring filters for application access
Access Policy Manager (APM) provides a few default
application filters and you can configure additional filters. Application filtering is effected
in a per-request policy.
Task summary
Specifying the default filter action for an application
You can change the default filter action (block or allow) for any application. When
you create a new application filter, the applications in it specify the default filter
action.
A change to the default filter action for an application has
no effect on existing application filters.
- On the Main tab, click.The Applications screen displays.
- To view applications, expand an application family.
- To modify the default filter action for an application:
- Click the application name.An Application Properties screen displays.
- From theDefault Filter Actionlist, retain the displayed setting or select another.The options areBlockandAllow.
- ClickUpdate.The Applications screen displays.
The default filtering action for the application is updated and is used when a new
application filter is created.
Configuring
application filters
Configure an application filter to specify how to
process requests for access to applications or application families. You can configure
multiple application filters.
- On the Main tab, click.Click the name of any filter to view its settings.Default application filters, such as block-all, allow-all and default, are available. You cannot delete default application filters.The Application Filters screen displays.
- To configure a new application filter, click one of these:
- Createbutton - Click to start with an application filter with the default filter action specified for each application.
- Copylink - Click this link for an existing application filter in the table to start with its settings.
Another screen opens. - In theNamefield, type a unique name for the application filter.
- In theDescriptionfield, type any descriptive text.
- ClickFinished.The properties screen displays with an Associated Applications table.
- To block access to particular applications or entire application families, select them and clickBlock.When you select an application family, you also select the related applications. You can expand the application family and clear any applications that are selected.To block any applications that Secure Web Gateway cannot categorize, select the application familyUnknown.
- To allow access to particular applications or entire application families, select them and clickAllow.
To use an application filter, you must assign it
in a per-request policy. A per-request policy runs each time a request is made.