Q&A: How would you recommend allowing our known good IP addresses?
- What are the options for allowlisting (formerly known as whitelist)?
- Silverline DDoS
- Silverline WAF
If you have IP addresses where you know they won't send bad traffic, you don't want the client/user to have any service interruption, and/or among other reasons, then allowlisting the IP address(es) is available to you.
In terms of allowlisting, there are a couple of allowlists that F5 Silverline supports:
- DDoS IP allowlist, this list is for preventing DDoS mitigation like L7 DDoS profiles to be applied onto allowlist IP addresses
- To add remove, modify and/or view this type of allowlist, see: How to Allowlist IP addresses for DDoS Routed Services
- WAF IP allowlist, this allowlist is per proxy specific and will bypass the WAF policy inspection for allowlisted IP addresses
- WAF policy allowlist, this is per WAF policy and will require the SOC to made the necessary allowlisting; the WAF policy will not block traffic and only log if there is a violation from the allowlisted IP