Manual Chapter : Managing Network Whitelists in Shared Security

Applies To:

Show Versions Show Versions

BIG-IQ Centralized Management

  • 6.0.1
Manual Chapter

Managing Network Whitelists in Shared Security

About network whitelists

You use network whitelists to define network addresses that are allowed to bypass the checks in a DoS profile. The Network White Lists screen displays the managed BIG-IP® devices that might have network whitelists defined. Click the name of a BIG-IP device to display the network whitelists that are defined. A maximum of 8 network white lists are allowed for each BIG-IP device

Create network whitelist

You create network whitelists to bypass checks in a DoS profile.
  1. Click
    Configuration
    SECURITY
    Shared Security
    DoS Protection
    Network White Lists
    .
  2. Click the name of the BIG-IP ®device on which to create the network white list.
  3. In the
    Whitelist Address List
    setting, select the IP address from which the packet is coming.
  4. Click
    Create
    to add a network white list.
  5. Type a
    Name
    for the network white list, and an optional
    Description
    that will be useful in your environment.
  6. In the
    Protocol
    setting, leave the default value,
    Any
    , or select the appropriate network protocol.
  7. In the
    VLAN
    setting, leave the default value,
    Any
    , select the appropriate VLAN, or select
    Other
    and provide a VLAN tag number.
  8. For the
    Address Type
    setting, specify the type of addresses being handled:
    Source
    or
    Destination
    .
    The properties available change based on your choice.
  9. In the Source area
    Address
    setting, leave the default value,
    Any
    , or select the field to the right and provide the address.
    You can specify IPv4 or IPv6 addresses in CIDR notation as the address. You can specify a source address or destination address, but not both in the same white list entry.
  10. In the Destination area
    Address
    setting, leave the default value,
    Any
    , or select the field to the right and provide the address.
  11. In the Destination area
    Port
    setting, leave the default value,
    Any
    , or select the appropriate port.
    The system provides the default port number value for each port type when the
    Protocol
    is set to
    TCP
    or
    UDP
    .
  12. When you are finished, click
    OK
    .
  13. Save your changes.