Manual Chapter : Comparing Web Application Security Policies

Applies To:

Show Versions Show Versions

BIG-IQ Centralized Management

  • 8.2.0, 8.1.0
Manual Chapter

Comparing Web Application Security Policies

Evaluating policy differences

Web Application Security allows you to compare two Application Security Manager (ASM) policies, and view differences between them. You can use the comparison for auditing purposes, to make two policies provide similar protection, or to simply view the differences between two security policies. This is particularly useful for comparing security policies a in staging and a production environment.
You can compare any imported or configured security policies including:
  • Active security policies (with or without Policy Builder)
  • Child Policies
  • Parent Policies
  • Inactive security policies
  • Policies not yet deployed to an managed BIG-IP.

Comparing policies

You must have Administrative or Web Application Security role access privileges to compare policies. You must have more than one Web Application Security policy.
Create a Web Application Security policy comparison audit to identify the security setting differences among your policies. You can use this comparison to adjust security settings, especially those that are currently in staging or monitoring.
The policy comparison will create an audit for any two security policies configured on BIG-IQ, regardless of the policy's deployment status.
  1. Go to
    Configuration
    SECURITY
    Web Application Security
    Policies
    .
  2. Select the check boxes next to the names of two security policies you would like to compare.
    Following the initial policy selection, you can run additional comparisons directly from the Compare Policies screen.
  3. Click
    More
    and select
    Compare Policies
    .
    The screen displays an audit of the differences in settings, by configuration section, and number of differences in each section.
  4. To export the results of the audit to PDF, click
    Export
    and select
    Print Preview...
    .
    The system will prompt you to confirm your selection. To proceed, click
    OK
    .
  5. To run a comparison for another policy, or pair of policies, select a policy from the list at the table header and click
    Run
    .
You can now use the results of the policy comparison audit to adjust your security policies, as required.