Manual Chapter :
Monitoring Web Application Security statistics
Applies To:
Show VersionsBIG-IQ Centralized Management
- 8.0.0
Monitoring Web Application Security statistics
When Analytics is enabled on BIG-IQ, and AVR is provisioned on managed
BIG-IP devices, you can view detailed insights about the traffic that violated your
security policies. Data can indicate the need for changes to the application service's protection.
Policy management indicators can include, but are not limited to:
- Policy enforcement settings: A security policy may be deployed inTransparentorBlockingenforcement modes. Depending on your environment you may want to change these settings following the application services's deployment.
- Increased in bad traffic: Drill down into traffic details, such as geolocation or malicious requests, or targeted URLs to identify sources of an attack. Based on these results, the security admin can enable strict enforcement for specific objects.
- False Positives: Application service alerts of increased false positives may indicate that enforcement settings are too strict and need adjustment.
To view traffic statistics for objects with Web Application Security policy protection,
you must have the following settings configured.
- A BIG-IQ data collection device configured for the BIG-IQ device
- The BIG-IP device located in your network and running a compatible software version
- Statistics collection enabled for managed BIG-IP devices
- AVR provisioned on your BIG-IP devices