Manual Chapter : Changing the mobile alert threshold for sending alerts to the FPS dashboard

Applies To:

  • BIG-IP FPS

    21.0.0, 17.5.1, 17.5.0, 17.1.3, 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.6, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.0

Changing the mobile alert threshold for sending alerts to the FPS dashboard

Before changing the mobile alert threshold, you should create a mobile security anti-fraud profile.

Change the mobile alert threshold if you want to raise or lower the current alert threshold for determining when mobile alerts are sent to the FPS Dashboard.

  1. On the Main tab, click Security > Fraud Protection Service > Anti-Fraud Profiles.

    The Anti-Fraud Profiles screen opens.

  2. In the Anti-Fraud Profiles screen, click the mobile security anti-fraud profile in the profiles list.

    The Anti-Fraud Profile Properties screen opens.

  3. In the Anti-Fraud Configuration area, click Mobile Security.

    The list of Mobile Security configuration options appear.

  4. In the list of Mobile Security configuration options, click General Settings.

    The Alert Threshold field appears.

  5. Select the Customize All check box.

  6. In the Alert Threshold field, type a numerical score (0-100) for determining when alerts are sent to the FPS Dashboard.

    Alerts are sent to the FPS Dashboard if the score is greater than the alert threshold, according to the following criteria:

Type of detection

Alert sent when…

Man in the Middle

An alert is sent if MobileSafe detects DNS Spoofing and/or Certificate Forging on a given domain and the total score for both DNS Spoofing and Certificate Forging is greater than the alert threshold. Scores for different domains are not added together.

Rooting/Jailbreaking, OS Security, Application Integrity

**If MobileSafe SDK 4.0 or a later version is installed on your protected app:**Since Rooting/Jailbreaking detection and OS Security detection are not relevant, an alert is sent if MobileSafe detects repackaging on a protected app and the score for Application Integrity is greater than the alert threshold.

If the version of the MobileSafe SDK installed on your protected app is earlier than 4.0: An alert is sent if MobileSafe detects rooting/jailbreaking on the protected app, and/or an unsecure OS version, and/or repackaging; and the total score for Rooting, Jailbreaking, OS Security, and Application Integrity is greater than the alert threshold.

Malware Detection

An alert is sent if MobileSafe detects malware or suspicious behavior on the protected app and the score for detected malware or behavior analysis is greater than the alert threshold. Scores for different types of detected malware and behavior analysis are not added together.

  1. Click Save.

    The anti-fraud profile is updated with the changes you made.