F5 Logo MyF5
Search
  1. MyF5 Home
  2. BIG-IP AFM: Network Firewall Policies and Implementations
  3. Protocol Security
  4. About protocol anomaly inspection
Manual Chapter : About protocol anomaly inspection

Applies To:

Show Versions Show Versions

BIG-IP AFM

  • 17.1.0, 17.0.0, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.10, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0
Manual Chapter

About protocol anomaly inspection

In the BIG-IP Network Firewall, you can configure profiles to inspect traffic against protocol inspection items. Protocol inspection items are arranged in categories by the Service type. You can assign protocol inspection items individually or in groups. You can add a new inspection item by writing a valid Snort rule and defining matching characteristics. You can assign protocol inspection items to a firewall rule, or directly to a virtual server.
Rule precedence applies to protocol inspection profiles. The protocol inspection rules for the most granular context are applied. The only exception is that a virtual server firewall rule takes precedence over a profile applied directly toa virtual server. The order of precedence is:
  1. Profile applied to a virtual server firewall rule
  2. Profile applied directly to a virtual server
  3. Profile applied to a route domain
  4. Profile applied to the global context
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information