Follow

How to Configure Threat Intelligence Profiles and Add to Proxies

Description

  • how to configure Threat Intelligence profiles
  • how to add Threat Intelligence profiles to proxies

Important Notes

  • Multiple Threat Intelligence Profiles may be applied to a single account's different proxies.
  • Threat Intelligence Profiles overrule the IP Allowlist. If an address on an IP Allowlist is also present on an applied Threat Intelligence profile set to Block, the traffic from that host will be blocked. 

 

Environment

  • Silverline DDoS
  • Silverline WAF
  • Proxy
  • Threat Intelligence

 

Procedure

How to Configure Threat Intelligence Profiles

  1. In Silverline Portal, navigate to Config > Threat Intelligence Profiles.  Only appears if the service is active for the account. Reach out to F5 Silverline Sales if you would like to add on Threat Intelligence
  2. Click the Add button.
  3. Give the profile a Name
  4. Select an Action (Allow or Block) for each category to which the action should be applied. 
  5. Click Save.

Threat Intelligence Profile home page now shows Profile and the deployment status.

 

How to Assign Threat Intelligence Profile to a Proxy

  1. In SIlverline Portal, navigate to Config > Proxy / App Configuration > Proxy/App Management
  2. Find the desired proxy and click Edit on that row.
  3. Select the appropriate HTTPS or HTTP service, which defaults to the Security Policies tab.
  4. Select the Threat Intelligence Profile from the drop-down menu.
  5. Click Save and Finish in the bottom right of the screen (scrolling down may be necessary)
  6. Silverline automatically schedules the Threat Intelligence profile for deployment

 

 

Related Content

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request