F5

Before You Begin

Prerequisites

Prerequisites for Managing F5 devices on AppViewX are:
  • IP Address/FQDN: IP Address/FQDN
  • User Privilege: Username and password, and API access
  • Credential List: AppViewX, CyberArk, HashiCorp, Thycotic, and BeyondTrust
  • Enable Password: Not required
  • License Check: Yes
  • Services and Ports for AppViewX Communication: Not required
  • Internet Access/Proxy if Required: Not required
  • Location from which Certificates are discovered if managed: Not applicable

Adding F5 Device

  1. Go to (Menu) > ADC+ > ASSET MANAGEMENT > Device Inventory.
    By default, the ADC tab opens.
  2. Click the WAF tab.
  3. Click the (Add) icon.
    The Device details page is displayed.
  4. Select f5 from the Vendors list.
  5. In the General Information section, select/enter the details as follows.
    Fields Description
    Platform Select the platform from the dropdown field. ASM is the default value.
    *Device name Enter a unique name for the device to be onborded.
    Communication Select from IP address and FQDN.
    *IP Address This field is displayed if Communication = IP Address

    Enter the IP address of the device to be onboarded.
    *FQDN This field is displayed if Communication = FQDN

    Enter the fully qualified domain name of the device to be onboarded.
    Data center Enter the data center name. It holds all the SSL related information that is to be retrieved from the server.
    Cert Sync Choose from any of the following:
    • Managed - AppViewX performs the config fetch operations and the certificates are discovered and managed in the inventory. CLM actions (push & bind, rollback etc.) can be performed on them.
    • Monitored - AppViewX performs the config fetch operations and the certificates are downloaded in the inventory in the read-only state. CLM actions cannot be performed on them.
    • Ignored - AppViewX only performs the config fetch operations for the devices. There is no certificate discovery performed.
    *: Mandatory fields
  6. In the Credentials section, select/enter the details as indicated below. The credentials entered in this section are used to authenticate the session between the AppViewX node and the WAF device.
    Fields Description
    *Credential Type Select the credential type from the dropdown.
    • Manual entry (default) - to directly add the credentials in the username and password text box.
    • Credential List - Appviewx - to use any credentials from the saved AppViewX Credential List.
    • Credential List - CyberArk - to use any credentials from the saved AppViewX CyberArk List.
    *Access type Select the method to access the F5 device. API is the default value.
    *Username This field will be visible if the Credential Type is selected as Manual entry.

    If the Credential Type is selected as Credential List - Appviewx, the username is entered by default and field is read only.

    If the Credential Type is selected as Credential List - Cyerark, this field is not displayed.

    Enter the designated username for Barracuda.
    *Password This field will be visible if the Credential Type is selected as Manual entry.

    If the Credential Type is selected as Credential List - Appviewx, the password is entered by default and field is read only.

    If the Credential Type is selected as Credential List - Cyerark, this field is not displayed.

    Enter the designated password to access Barracuda.
    *Credential list This field will be visible only if the Credential type is selected as Credential List - AppViewX or Credential List - CyberArk

    The dropdown contains a list of credentials stored in AppViewX.
    *Token based authentication Select the checkbox to enable the token based authentication.
    *: Mandatory fields
  7. In the Secondary device information section, select/enter the details as follows.
    Fields Description
    Secondary / Alternate device Select either Auto-detect or Manual entry.
    *Device name Enter a unique name for the secondary device to be onborded.
    Communication Select from IP address and FQDN.
    *IP Address This field is displayed if Communication = IP Address

    Enter the IP address of the secondary device to be onboarded.
    *FQDN This field is displayed if Communication = FQDN

    Enter the fully qualified domain name of the secondary device to be onboarded.
    *Rest port Enter the rest port number of the secondary device.
    Data center Enter the data center name. It holds all the SSL related information that is to be retrieved from the server.
    *: Mandatory fields
    In the Secondary device credentials section (displayed only if Secondary / Alternate device = Manual entry select/enter the details as follows.
    Fields Description
    *Use same credentials The Enable checkbox is used to fix the credentials type to either Credential List - Appviewx or Credential List - CyberArk based on its selection.
    *Credential type Select the credential type from the dropdown.
    • Manual entry (default) - to directly add the credentials in the username and password text box.
    • Credential List - Appviewx - to use any credentials from the saved AppViewX Credential List.
    • Credential List - CyberArk - to use any credentials from the saved AppViewX CyberArk List.
    *Access type Select the method to access the secondary device. API is the default value.
    *Username This field will be visible if the Credential Type is selected as Manual entry.

    If the Credential Type is selected as Credential List - Appviewx, the username is entered by default and field is read only.

    If the Credential Type is selected as Credential List - Cyerark, this field is not displayed.

    Enter the designated username for the secondary device.
    *Password This field will be visible if the Credential Type is selected as Manual entry.

    If the Credential Type is selected as Credential List - Appviewx, the password is entered by default and field is read only.

    If the Credential Type is selected as Credential List - Cyerark, this field is not displayed.

    Enter the designated password to access the secondary device.
    *Credential list This field will be visible only if the Credential type is selected as Credential List - AppViewX or Credential List - CyberArk

    The dropdown contains a list of credentials stored in AppViewX.
    *: Mandatory fields
  8. (Optional step) Click Add. This button is displayed only if Secondary device information is Manual entry. More than one devices can be configured. (use the Update and Delete buttons to make changes or remove the devices added.)
  9. Click Save.
    The device is onboarded successfully.