Manual Chapter : Managing Virtual Servers in Shared Security
Applies To:Show Versions
BIG-IQ Centralized Management
Managing Virtual Servers in Shared Security
About virtual servers
On BIG-IP devices, virtual servers can have security objects, such as DoS profiles, SSH profiles, or log profiles, attached to them. You create virtual servers using the Local Traffic service, and then use them from within Shared Security. You can modify only some of the virtual server properties within Shared Security. To modify other virtual server properties, use the Local Traffic service.
The BIG-IQ Centralized Management system can successfully discover only BIG-IP devices that are using supported profile types. If the system attempts to discover a BIG-IP device that is using an unsupported type of profile:
- You might see an invalid profile error during discovery.
- The BIG-IQ Centralized Management system does not successfully discover the BIG-IP device.
View and edit virtual server shared security
You can view and modify virtual servers within Shared Security to manage the security objects that might be part of a virtual server. To modify other virtual server properties, use the Local Traffic service.
You can access a specific virtual server's Shared Security configuration by selecting a virtual server found in the Network Security's context list () or the Web Application Security's virtual server list ( ). Once selected, click the link provided under the Properties area.
- On the virtual servers properties screen, modify the editable the properties as needed.Depending on the setting configured, you can only edit some of the properties.
- In theDoS Profilesetting, select the DoS profile to use.You define DoS profiles using the Shared Security DoS Profiles screen.
- In theSSH Profilesetting, select the SSH profile to use.You define SSH profiles using the Shared Security SSH Profiles screen.
- In theIP Intelligencesetting, select the IP intelligence policy to use.You define IP intelligence policies using the Shared Security IP Intelligence Policies screen.
- In theMaximum Bandwidthsetting, type the maximum bandwidth allowed, in Mbps.Set this value to 0 to specify no bandwidth limit.
- In theLog Profilessetting, select one or more log profiles to use.You define log profiles using the Shared Security Logging Profiles screen.
- Save your work.
The virtual server is updated with your changes. You make other changes to the virtual server using this screen:.
Configure DoS event logging from the virtual server
You enable DoS event logging using the virtual servers displayed in the list. When enabled, you can view these DoS events using thescreens.
- Click.The Virtual Servers screen opens.
- To enable logging of DoS events, click the check box next to the virtual server to configure, and clickConfigure DoS Logging.To disable logging of DoS events, click the check box next to the virtual server to configure, and clickDisable DoS Logging.
The DoS Logging Configuration dialog box opens so that you can begin the configuration process.
Review the information about the configuration process before continuing. This is described in the
Monitoring DoS eventstopics in
F5 BIG-IQ Centralized Management: Monitoring and Reportingon