Manual Chapter : Managing Network Whitelists in Shared Security

Applies To:

Show Versions Show Versions

BIG-IQ Centralized Management

  • 5.4.0
Manual Chapter

About network whitelists

You use network whitelists to define network addresses that are allowed to bypass the checks in a DoS profile. The Network White Lists screen displays the managed BIG-IP® devices that might have network whitelists defined. Click the name of a BIG-IP device to display the network whitelists that are defined. A maximum of 8 network white lists are allowed for each BIG-IP device

Create network whitelist

You create network whitelists to bypass checks in a DoS profile.
  1. Click Configuration > SECURITY > Shared Security > DoS Protection > Network White Lists .
  2. Click the name of the BIG-IP ®device on which to create the network white list.
  3. In the Source Address List setting, select the IP address from which the packet is coming.
  4. Click Create to add a network white list.
  5. Type a Name for the network white list, and an optional Description that will be useful in your environment.
  6. In the Protocol setting, leave the default value, Any, or select the appropriate network protocol.
  7. For the Address Type setting, specify the type of addresses being handled: Source or Destination.
    The properties available change based on your choice.
  8. In the Address setting, leave the default value, Any, or select Specify and provide the address in the provided field.
    You can specify IPv4 or IPv6 addresses in CIDR notation as the address. You can specify a source address or destination address, but not both in the same white list entry.
  9. If you selected a source address type, in the VLAN setting, leave the default value, Any, select the appropriate VLAN, or select Other and provide a VLAN tag number.
  10. If you selected a destination address type, in the Port setting, leave the default value, Any, or select the appropriate port.
    The system provides the default port number value for each port type when the Protocol is set to TCP or UDP.
  11. When you are finished, click OK.
  12. Save your changes.