Manual Chapter : Comparing Web Application Security Policies
Applies To:Show Versions
BIG-IQ Centralized Management
- 8.3.0, 8.2.0, 8.1.0
Comparing Web Application Security Policies
Evaluating policy differences
Web Application Security allows you to compare two Application Security Manager (ASM) policies, and view differences between them. You can use the comparison for auditing purposes, to make two policies provide similar protection, or to simply view the differences between two security policies. This is particularly useful for comparing security policies a in staging and a production environment.
You can compare any imported or configured security policies including:
- Active security policies (with or without Policy Builder)
- Child Policies
- Parent Policies
- Inactive security policies
- Policies not yet deployed to an managed BIG-IP.
You must have Administrative or Web Application Security role access privileges to compare policies. You must have more than one Web Application Security policy.
Create a Web Application Security policy comparison audit to identify the security setting differences among your policies. You can use this comparison to adjust security settings, especially those that are currently in staging or monitoring.
The policy comparison will create an audit for any two security policies configured on BIG-IQ, regardless of the policy's deployment status.
- Go to.
- Select the check boxes next to the names of two security policies you would like to compare.Following the initial policy selection, you can run additional comparisons directly from the Compare Policies screen.
- ClickMoreand selectCompare Policies.The screen displays an audit of the differences in settings, by configuration section, and number of differences in each section.
- To export the results of the audit to PDF, clickExportand selectPrint Preview....The system will prompt you to confirm your selection. To proceed, clickOK.
- To run a comparison for another policy, or pair of policies, select a policy from the list at the table header and clickRun.
You can now use the results of the policy comparison audit to adjust your security policies, as required.