Manual Chapter: Setting Up Application Visibility

Applies To:

BIG-IP PEM

  • 11.5.10, 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1

Overview: Setting up application visibility

This implementation describes how to set up the Policy Enforcement Manager (PEM) to analyze application traffic on the network, and provide statistics for application visibility. For example, you can view statistics to see what applications are being used. By monitoring your traffic, you can later create enforcement policies that are tailored for your needs.

What is application visibility?

Policy Enforcement Manager (PEM) gives the BIG-IP system the ability to classify both encrypted and unencrypted traffic into categories for application visibility. You can display statistics about the network traffic in graphical charts, and view classification information by application, category, protocol, virtual server, country, type of device, and so on. In-depth information and application awareness provide visibility into your network infrastructure so you can identify and monitor different types of traffic and resolve performance issues.

Application visibility is particularly useful for service providers. If your organization is using RADIUS protocol for authentication, authorization, and accounting, PEM can intercept accounting messages to retrieve additional information, for example, about mobile devices, subscribers, towers, service plans, and manufacturers.

Charts shown on the Statistics > Classification screens display the application visibility data. The classification overview is customizable so you can display the charts or tables that you want. The overview shows top statistics for the categories in which you are most interested.

Determining and adjusting traffic classifications

The BIG-IP system classifies many categories of traffic and specific applications within those categories. You can determine which categories and applications of traffic the system can classify, and find out information about them such as their application or category ID.
  1. On the Main tab, click Policy Enforcement > Classification. The Classification screen opens showing a list of the supported classification categories.
  2. To view the applications in each category, click the + icon next to the category.
  3. To view or edit the properties of the application or category, click the name to open its properties screen.
    Tip: Here you can view the application or category ID number.
  4. Adjust the properties of the application or category, if necessary.
    • In the Description field, you can add text to describe the application or category.
    • Set State to Enabled to use this classification, or to Disabled not to use it.
    • For categories only, set iRule Event to Enabled if you want the system to trigger an iRule event when it recognizes traffic in this category, or set it to Disabled if you do not.
    • In the Category or Application List field, you can change which category an application is in, or which applications are in the category.
  5. Click Update to save any changes.

Creating a listener

If you want to steer specific traffic, or otherwise regulate certain types of traffic, you need to have developed enforcement policies. If using a Gx interface to a PCRF, you need to create a listener that connects to a PCRF.
You can create listeners that specify how to handle traffic for policy enforcement. Creating a listener does preliminary setup on the BIG-IP system for application visibility, intelligent steering, bandwidth management, and reporting.
  1. On the Main tab, click Policy Enforcement > Listeners. The Listeners screen opens.
  2. Click Create. The New Listener screen opens.
  3. In the Name field, type a unique name for the listener.
  4. For the Destination setting, select Host or Network, and type the IP address or network and netmask to use.
    Tip: You can use a catch-all virtual server (0.0.0.0) to specify all traffic that is routed to the BIG-IP system.
    The system will create a virtual server using the address or network you specify.
  5. For the Service Port setting, type or select the service port for the virtual server.
  6. Subscriber provisioning using RADIUS is enabled by default. If your system is using RADIUS for snooping subscriber identity, you need to specify VLANs and tunnels. If you are not using RADIUS, you need to disable it.
    • For the VLANs and Tunnels setting, move the VLANs and tunnels that you want to monitor for RADIUS traffic from the Available list to the Selected list.
    • If you do not want to use RADIUS, from the Subscriber Identity Collection list, select Disabled.
  7. In the Policy Provisioning area, select enforcement policies to apply to the traffic.
    1. For Global Policy, move policies to apply to all subscribers to High Precedence or Low Precedence.
      Note: For URL categorization to take effect, you need to associate the enforcement policy with a classification profile.
    2. For Unknown Subscriber Policy, move policies to use if the subscriber is unknown to Selected.
    The system applies the global policy to all subscribers in parallel with the subscriber policies, and must be configured with an unknown subscriber policy. High-precedence global policies override conflicting subscriber policies, and low-precedence policies are overridden by conflicting subscriber policies.
  8. Click Finished. The Policy Enforcement Manager creates a listener, and displays the listener list.
When you create a listener, the Policy Enforcement Manager also creates virtual servers for each type of traffic (TCP, UDP, or both and IP), and a virtual server for HTTP traffic. The system sets up classification and assigns the appropriate policy enforcement profile to the virtual servers. If you are connecting to a RADIUS authentication server, a virtual server for RADIUS is also added.
Now you can send traffic through the network. As network traffic moves through the BIG-IP system, the system classifies the traffic, and if you have developed policies, the system performs the actions specified by the enforcement policy rules.
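The precedence rule from the Policy Provisioning step can be checked on paper before policies are attached to a listener. The following is an added example, not F5 code or a PEM API: it assumes each policy is simplified to a dictionary of setting-to-action pairs, and all setting names, action values, and function names are constructed for illustration.

```python
"""Model of the global/subscriber precedence rule (illustrative, not F5 code).

Assumption: a policy is reduced to {setting: action}. Real PEM policies are
built from rules, so the names and actions below are constructed samples.
"""

# Constructed sample policies.
GLOBAL_HIGH = [{"p2p": "drop"}]
GLOBAL_LOW = [{"video": "rate-limit", "web": "allow"}]
SUBSCRIBER = [{"p2p": "allow", "video": "allow"}]
UNKNOWN = [{"web": "redirect-to-portal"}]


def effective_settings(global_high, global_low, subscriber,
                       unknown_subscriber, subscriber_known=True):
    """Return {setting: (action, winning_layer)} for one subscriber session."""
    # Unknown subscribers get the unknown-subscriber policies in place of
    # per-subscriber ones; global policies apply in parallel either way.
    per_sub = subscriber if subscriber_known else unknown_subscriber
    label = "subscriber" if subscriber_known else "unknown-subscriber"
    # Lowest priority first: each later layer overwrites conflicting settings.
    layers = (("global-low", global_low), (label, per_sub),
              ("global-high", global_high))
    result = {}
    for source, policies in layers:
        for policy in policies:
            for setting, action in policy.items():
                result[setting] = (action, source)
    return result


def overridden_global_low(global_low, subscriber):
    """List low-precedence global settings that a subscriber policy replaces."""
    findings = []
    for gpol in global_low:
        for setting, gval in gpol.items():
            for spol in subscriber:
                if setting in spol and spol[setting] != gval:
                    findings.append((setting, gval, spol[setting]))
    return sorted(findings)


if __name__ == "__main__":
    for known in (True, False):
        print("known" if known else "unknown",
              effective_settings(GLOBAL_HIGH, GLOBAL_LOW, SUBSCRIBER,
                                 UNKNOWN, subscriber_known=known))
    print("overridden:", overridden_global_low(GLOBAL_LOW, SUBSCRIBER))
```

A control that must hold for every subscriber belongs in a high-precedence global policy; anything returned by overridden_global_low is a setting that a subscriber policy can replace.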

Examining application visibility statistics

Before you can look at the application visibility statistics, you must have Adobe Flash Player installed on the computer where you plan to view them.
You can review charts that provide application visibility for traffic on your network.
  1. On the Main tab, click Statistics > Classification. The Classification Overview screen opens where you can view a summary of the top classification statistics.
  2. Review the statistics provided. To quickly change the format of the information, click the icon to the left of the time period. You can display information in a table, line chart, pie chart, or bar chart.
  3. Click the time period (Last Hour, Last Day, Last Week, Last Month, or Last Year) to change the interval used for displaying content.
  4. To permanently change the format or content of any of the charts, click the cog on the chart, select Settings, and adjust the fields in the form.
  5. To display additional charts or tables, click the Add Widget link and complete the form. The chart you create becomes a permanent part of the Classification Overview screen.
  6. On the menu bar, click Statistics. The Classification Statistics screen opens and the charts display detailed classification statistics by application.
  7. Adjust the statistics content in any of the following ways:
    • Use the View By setting or Advanced Filters to change the type of classification data shown.
    • Use the Time Period setting to change the interval for which statistics are shown.
    • Use the Measurement to display setting to change the display of statistics to bits, bytes, or sessions.
    • Use the Display method setting to show statistics in different formats.
    • Use the Expand Advanced Filters setting to fine-tune even further which types of reports to display.
  8. Get detailed information in any of the following ways:
    • Point to the charts to display the details.
    • Review the Details table to see the statistics.
    • In the Details table, click the name of one of the items (application, category, protocol, and so on) to see classification details about that specific item.
    • Use the Display method setting to show statistics in different formats.
    The easiest way to learn what classification information is available is to look at the charts and view the content and details in different ways. As you drill down into the statistics, you can locate more details and view information for a specific item.
  9. To generate and export a PDF or CSV file of a report to save or email, click Export, select the settings, and fill in the appropriate fields.
    Note: You must have an SMTP email server configured to use the email option. On the Main tab, click System > Configuration > Device > SMTP.
You can use the classification statistics to determine, for example, the types of applications and the specific applications that clients are using. By drilling down into that information, you can find out specifically which applications are being used by a particular IP address.