Manual Chapter :
Managing Signature Files
Applies To:
Show Versions
BIG-IQ Centralized Management
- 6.0.1
Managing Signature Files
About signature files in Web Application
Security
Through Web Application Security, you can view and manage signature files and signature file
updates centrally for multiple BIG-IP® devices. For each signature file,
the system displays the file name, the file version, the version of BIG-IP with which it is
compatible, and its source. You can also update certain signature file settings. By managing
signature files from the BIG-IQ® Centralized Management platform, the
administrator can spend less time on signature updates, and can view the signatures update
information in a single central location. The BIG-IP system includes an attack signature pool
and a bot signature pool. These pools include the system-supplied attack signatures and bot
signatures, which are shipped with the BIG-IP Application Security Manager, and any
user-defined signatures.
Web Application Security fetches all new and relevant signature files from an external
server, which may use a proxy. You can configure a proxy from the BIG-IQ Centralized
Management system (). The BIG-IQ Centralized Management system can then push the signature files to
the relevant BIG-IP device or devices. It displays the signature version for each device.
Web Application Security signature file processing, such as importing, downloading,
installing (pushing to devices), and deleting signature files, requires the following built-in
roles, or the equivalent permissions on a custom role: Administrator, Security Manager, or Web
App Security Manager.
View and install individual signature
files
Before you start this task, make sure
that your current BIG-IQ® Centralized Management account has
Administrator, Security Manager, or Web App Security Manager credentials, or a custom
role with equivalent permissions. These permissions are required for importing,
downloading, and installing signature files.
You
can edit and install individual signature files with the Signature Files
screen.
- Click .
- To view and install a signature file, click the file name.The signature file properties screen opens.
- Review the information about the signature file in the read only fields.
- TheNamesetting displays the name of the signature file.
- TheVersionsetting displays the version of the signature file.
- TheCompatibilitysetting displays the BIG-IP device version that should be used with this signature file.
- TheSourcesetting displays the source of the signature file.
- In theInstall to Devicessetting, specify which BIG-IP devices should receive the signature file by moving them from theAvailable Deviceslist to theSelected Deviceslist.
- In theInstall Tosetting, specify which grouping of BIG-IP devices should receive the signature file.
- SelectAll Devicesto install the signature file to all listed BIG-IP devices.
- SelectActive Devices Onlyto install the signature file to all listed BIG-IP devices, except for those devices that are the inactive members of a cluster.
Once a signature file is deployed to an active clustered BIG-IP device, a synchronization task will run on the BIG-IP device cluster. - In the Related Devices area, review the BIG-IP devices listed.
- Expand the Readme area to view details about the changes to the signature file.
- ClickInstallto have the signature file installed on the selected BIG-IP devices.Or you can clickCancelto remove any changes and not install the signature file.
Update and install all signature files
Before you start this task, make sure
that your current BIG-IQ® Centralized Management account has
Administrator, Security Manager, or Web App Security Manager credentials, or a custom
role with equivalent permissions. These permissions are required for importing,
downloading, and, installing signature files.
You can schedule signature file
updates and installations for all signature files, using the Settings screen.
- Click .
- ClickSettings.The Settings screen opens.
- For theRemote Updatessetting, selectEnabledto allow remote signature file updates.If this setting is disabled, the other settings are not displayed.
- In theIntervalsetting, select how often the scheduled update should run.
- For theStarting atsetting, specify when the scheduled update and installation should begin.You must specify a day after the current day.
- Review when theLast Updateoccurred.
- In theProxysetting, select the proxy to use when retrieving signature files, or selectNone.You can configure proxies from the BIG-IQ Centralized Management system ().
- In theNext Updatesetting, review when the next update is schedules to occur.
- In theLast Run Statussetting, review the status of the last file update.Possible statuses include:Passed, orFailed.
- For theInstall Tosetting, specify which grouping of BIG-IP devices should receive the signature file.
- SelectAll Devicesto install the signature file to all listed BIG-IP devices.
- SelectActive Devices Onlyto install the signature file to all listed BIG-IP devices, except for those devices that are the inactive members of a cluster.
Once a signature file is deployed to an active clustered BIG-IP device, a synchronization task will run on the BIG-IP device cluster. - Save your work.
