Manual Chapter : Adding an access policy item with configurable properties

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 15.0.0
Manual Chapter

Adding an access policy item with configurable properties

Before you start this task, configure an access profile.
Configure an access policy with configurable properties to check for specific items or policies.
  1. On the Main tab, click
    Access
    Profiles / Policies
    .
    The Access Profiles (Per-Session Policies) screen opens.
  2. In the Per-Session Policy column, click the
    Edit
    link for the access profile you want to configure.
    The visual policy editor opens the access policy in a separate screen.
  3. Click the
    (+)
    icon anywhere in the access policy to add a new item.
    Only an applicable subset of access policy items is available for selection in the visual policy editor for any access profile type.
    A popup screen opens, listing predefined actions on tabs such as General Purpose, Authentication, and so on.
  4. Select an action with configurable properties, then click
    Add Item
    :
    Logon
    External Logon Page
    Presents an external logon page for the client.
    Logon
    HTTP 401 Response
    Provides a custom HTTP 401 logon page.
    Logon
    HTTP 407 Response
    Provides a custom HTTP 407 logon page.
    Logon
    Logon Page
    Provides a custom logon page that you can configure entirely from the properties screen.
    Logon
    Virtual Keyboard
    Provides a configurable virtual keyboard for logon information entry.
    Logon
    VMware View Logon Page
    Provides a custom logon page for VMware View.
    Endpoint Security (Client-Side)
    Anti-Spyware
    Checks that the client is running specified anti-spyware software.
    Endpoint Security (Client-Side)
    Antivirus
    Checks that the client is running specified antivirus software.
    Endpoint Security (Client-Side)
    Firewall
    Checks that the client is running specified firewall software.
    Endpoint Security (Client-Side)
    Hard Disk Encryption
    Checks that the client hard disk is encrypted.
    Endpoint Security (Client-Side)
    Linux File
    Allows a check for a specific file with specified properties on a Linux system.
    Endpoint Security (Client-Side)
    Linux Process
    Allows a check for a specific process on Linux systems.
    Endpoint Security (Client-Side)
    Mac File
    Allows a check for a specific file with specified properties on a Mac.
    Endpoint Security (Client-Side)
    Mac Process
    Allows a check for a specific process on a Mac.
    Endpoint Security (Client-Side)
    Machine Cert Auth
    Allows a check for a machine certificate.
    Endpoint Security (Client-Side)
    Patch Management
    Allows a check for patches to specific files.
    Endpoint Security (Client-Side)
    Peer-to-peer
    Allows a check for peer to peer software on a system.
    Endpoint Security (Client-Side)
    Windows Cache and Session Control
    Allows you to configure Windows clients to clean certain items after the session closes.
    Endpoint Security (Client-Side)
    Windows File
    Allows a check for a specific file with specified properties on Windows systems.
    Endpoint Security (Client-Side)
    Windows Health Agent
    Allows a check for a health agent on Windows systems.
    Endpoint Security (Client-Side)
    Windows Process
    Allows a check for a specific process on Windows systems.
    Endpoint Security (Client-Side)
    Windows Protected Workspace
    Allows configuration of a protected workspace in Windows.
    Endpoint Security (Client-Side)
    Windows Registry
    Allows a check for a specific registry value in Windows.
    General Purpose
    Decision Box
    Allows configuration of a choice of two branches for the user, with custom text describing each choice.
    General Purpose
    Email
    Sends an email, when reached in the access policy.
    General Purpose
    iRule Event
    Allows configuration of a choice of two branches for the user, with custom text describing each choice.
    General Purpose
    Local Database
    Allows you to add entries to a local database.
    General Purpose
    Logging
    Allows you to log a session variable result.
    General Purpose
    Message Box
    Shows a message, and requires the user to click to continue.
    A properties screen opens.
  5. Configure the properties for the item.
  6. Click
    Save
    .
    The properties screen closes and the policy displays.
The access policy is configured with the empty action you have configured.
Click the
Apply Access Policy
link to apply and activate your changes to this access policy.
To ensure that logging is configured to meet your requirements, verify the log settings for the access profile.