Manual Chapter : Managing Cookie Protection

Applies To:

Show Versions Show Versions

BIG-IQ Centralized Management

  • 6.0.1
Manual Chapter

Managing Cookie Protection

Create or change cookie protection settings

You can create or change protection settings for cookies in your Web Application Security policies on the BIG-IP device. You can also import cookie protection settings to the BIG-IQ system when you import your BIG-IP device configuration. Cookies are used both for policy enforcement (domain cookies) and for other ASM features (other ASM cookies).
  1. Click
    Configuration
    SECURITY
    Web Application Security
    Cookie Protection
    .
  2. Select an existing cookie protection configuration or create a new one:
    • For a new cookie protection configuration, click
      Add
      and provide a
      Name
      .
    • To change the settings on an existing cookie protection configuration, click the configuration name.
  3. In the
    Algorithm Selection
    setting, select the overall cookie security level for all cookie algorithms.
    This sets default protection for both the
    Domain Cookie Protection
    and the
    Other ASM Cookies
    settings.
    • Secure
      sets the security settings to the AES algorithm.
      This uses more system resources.
    • Fast
      sets the security settings to the BC5 algorithm.
    If you want to, you can override the default security settings, which causes the
    Algorithm Selection
    setting to change to
    Custom
    .
  4. If you want to override the default
    Domain Cookies Protection
    setting, select the scramble algorithm that the system uses to protect domain cookies. To choose to not protect domain cookies with an algorithm, select
    None
    .
    Overriding the default setting changes the
    Algorithm Selection
    to
    Custom
    , creating a custom configuration.
  5. If you want to override the default
    Other ASM Cookies
    setting, select the scramble algorithm that the system uses to protect other ASM cookies. To choose to not protect other ASM cookies with an algorithm, select
    None
    .
    Overriding the default setting changes the
    Algorithm Selection
    setting to
    Custom
    , creating a custom configuration.
  6. Save your work.