This article is part of a series on implementing Orchestrated Infrastructure Security. It includes High Availability, Central Management with BIG-IQ, Application Visibility with Beacon and the protection of critical assets using F5 Advanced WAF and Protocol Inspection (IPS) with AFM. It is assumed that you have an active F5 Beacon account with Cloud Services.
If you need help setting up BIG-IQ for the first time, refer to the DevCentral article series Implementing SSL Orchestrator here. That article covers SSL Orchestrator, but the procedure to add Advanced WAF and AFM to BIG-IQ is the same.
This article focuses on configuring Application Visibility with Beacon. It covers the configuration of Telemetry Streaming on SSL Orchestrator running version 18.104.22.168, and AFM and Advanced WAF running version 16.0.0.
Please forgive me for using SSL and TLS interchangeably in this article.
This article is divided into the following high-level sections:
The Application Map
You will need to use Postman to complete this configuration. You can download it from the Postman website here.
Full instructions for setting up Postman are available in F5 Cloud Docs here.
The full procedure involves the following:
Import the Collection & Environment into Postman
Configure the Username & Password for Beacon access
Install Telemetry Streaming & AS3 on all of your BIG-IPs
Use Postman to authenticate to your BIG-IP API and configure Telemetry Streaming to send data to F5 Beacon. Detailed instructions here.
Create a Beacon Application. Detailed instructions here.
F5 Beacon is a highly customizable visibility solution. You can use it to map out your application framework and all resources your application depends on. Various metrics can be configured to track the health of all assets related to your application. An Application Map shows the overall structure of your application and the health of every related node. This gives you a single view into the health of your application. If any items display in red, you will know there is a problem and where it is in your application infrastructure.
From Beacon click the down arrow to the right of Application Landscape and select Configuration.
From here you can view all the Sources (BIG-IP devices) that are sending Telemetry Streaming to Beacon. In this example there are 6 devices.
The Application Map
Here’s an example of an Application map. The item in the red rectangle represents the start of our Application ‘tree’. The item in the blue circle represents the health of both the Active and Standby SSL Orchestrator. Health can be tracked by a variety of metrics including CPU usage, memory, current connections and more. The item in the yellow rectangle represents the health of both Advanced WAF devices. The item in the black rectangle represents the health of the Virtual Server being protected by the Advanced WAF.
As stated previously, the health of any devices in the tree can be tracked and combined with multiple, customizable metrics based on your application needs.
It might be hard to notice but some of the devices are outlined in green while others are black. Green means healthy, red means unhealthy and black means unknown (typically if Health Monitoring is disabled). This can be seen in the image below where both AFM devices are healthy (green rectangle). The Virtual Server AFM1 is healthy (green rectangle). The health of the other Virtual Servers is unknown (black rectangle).
Note: There are no unhealthy devices or nodes.
To build out an Application Dependency Tree like this you can select objects imported into BIG-IQ from your BIG-IP devices. These can be Virtual Server usage by Current Connections, Client side bits in/out and/or Health Status.
The image below shows the SSL Orchestrator Node Health is dependent upon the System CPU Usage of the two BIG-IP devices.
The Metric Health Conditions can be based on a variety of Metrics. Click Add to see more options.
Notice all the Source options that are available (scroll down to see them all).
Select bigip-virtual for the source type and you will see the available metrics.
Select Health Status as a metric. Under Select Filters select name.
Click the drop-down arrow to view all of the Virtual Servers from your BIG-IP devices.
From here you can select the Virtual Server you want to add as a Metric for this Node. Click Add > Save > Save & Close to complete this process.
In this article you learned how to install Postman and set up Beacon, and viewed an example of the Application Map.