Using Trusted Windows Versions in Protected Configurations

Question

Hi all, 
&nbsp;  
&nbsp; I've created a customer Protected Configuration and I'm trying to configure the Trusted Windows Version property of the configuration so that only specific versions of Windows are allowed, e.g. Windows XP SP2. 
&nbsp;  
&nbsp; On the actual properties page there is a field for "Windows Version" and a second field for "Hotfixes" but what I can't work out is the syntax that these fields are expecting. For example in the "Windows Version" field I have tried: 
&nbsp; * WinXP 
&nbsp; * (session.win_info.os_version == "WinXP") 
&nbsp;  
&nbsp; Neither of which seem to work. Similarily I have tried the following in the "Hotfixes" field: 
&nbsp; * hf_SP2 
&nbsp; * EXISTS(session.win_info.hotfixes.hf_SP2) 
&nbsp;  
&nbsp; Again, the above don't seem to work. I've RTFM'd the admin guide and the online help and while both documents list the appropriate session variables neither of them actually document the syntax that is expected when using the "Trusted Windows Version" property of a Protected Configuration, and none of the example Protected Configurations use sessions variable either. 
&nbsp;  
&nbsp; Can someone please steer me in the right direction before my brain spontaneously combusts? 
&nbsp;  
&nbsp; Thanks!

mal_57091 · Answer

Hey Matt, 
&nbsp;  
&nbsp; The best way i've done this in the past (cause there is a million different session variables) is to enable the "Session Variable Dump" under Device Management -&gt; Maintenance -&gt; Troubleshooting tools. Then create a prelogon sequence that checks does an OS Check and then do an Extended Windows Info check. 
&nbsp;  
&nbsp; Once these have set in place open a connection to FirePass from a machine that you want the info from (in your case WinXP SP2) and log in. After you have logged in go back to the FirePass AdminUI and go to Reports -&gt; Logons and select the user account you just logged in with. With Session Variable Dump enabled this page will list out all the info FirePass picked up from the Prelogon Sequence and you can copy and paste the session variables and values you are interested in into your Protected Configuration. 
&nbsp;  
&nbsp; Hope this helps you out. 
&nbsp;  
&nbsp; Cheers, 
&nbsp; Mal

Forum Discussion

Using Trusted Windows Versions in Protected Configurations

1 Reply

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

Upgrade Path for BIG-IP 2000 – Out of Warranty and EoRMA Status

F5 Command

R4800 snmp issues.

F5 XC JWKS auto update

PCI Compliance and ASM

Related Content

NGINX App Protect v5 Signature Notifications

F5 API Security: Discovery and Protection

L7 DoS Protection with NGINX App Protect DoS

NGINX App Protect Data Plane Add-on in Kubernetes

Cookie-based DDoS protection

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS