Manual Chapter : Adding an access policy item with preconfigured branch rules

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 15.0.0
Manual Chapter

Adding an access policy item with preconfigured branch rules

Before you start this task, configure an access profile.
Configure an access policy with preconfigured branch rules to add preconfigured settings and branches to an access policy.
  1. On the Main tab, click
    Access
    Profiles / Policies
    .
    The Access Profiles (Per-Session Policies) screen opens.
  2. In the Per-Session Policy column, click the
    Edit
    link for the access profile you want to configure.
    The visual policy editor opens the access policy in a separate screen.
  3. Click the
    (+)
    icon anywhere in the access policy to add a new item.
    Only an applicable subset of access policy items is available for selection in the visual policy editor for any access profile type.
    A popup screen opens, listing predefined actions on tabs such as General Purpose, Authentication, and so on.
  4. Select an action with preconfigured branch rules, and click
    Add Item
    :
    Endpoint Security (Server-Side)
    Client for MS Exchange
    Checks that the system is a client for Microsoft Exchange.
    Endpoint Security (Server-Side)
    Client OS
    Provides branches based on the result of an operating system check on the client.
    Endpoint Security (Server-Side)
    Client Type
    Provides branches based on the result of an client type check.
    Endpoint Security (Server-Side)
    Client-Side Capability
    Checks whether the client can run client side checks and provides positive and fallback branches.
    Endpoint Security (Server-Side)
    Date Time
    Provides branches based on a certain date or time.
    Endpoint Security (Server-Side)
    IP Geolocation Match
    Provides branches based on a specific geographic origin for the client.
    Endpoint Security (Server-Side)
    IP Reputation
    Checks the client IP against an IP reputation database.
    Endpoint Security (Server-Side)
    Jailbroken or Rooted Device Detection
    Provides branches based on whether the device appears to be jailbroken or rooted.
    Endpoint Security (Server-Side)
    Landing URI
    Provides branches based on a specific landing URI.
    Endpoint Security (Server-Side)
    License
    Provides branches based on the available global APM licenses.
    Endpoint Security (Client-Side)
    Windows Info
    Provides branches based on specific Windows information, such as operating system type and patch level.
    A properties screen opens.
  5. Click the Branch Rules tab.
    The Branch Rules screen opens.
  6. View the preconfigured branch rules.
    You can make changes to the branch rules, or close the item.
  7. Click
    Save
    .
    The properties screen closes and the policy displays.
The access policy is saved with the action you have configured.
Click the
Apply Access Policy
link to apply and activate your changes to this access policy.
To ensure that logging is configured to meet your requirements, verify the log settings for the access profile.