cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.
KevinGallaugher
F5 Employee
F5 Employee

Introduction

This article is part of a series on implementing Orchestrated Infrastructure Security. It includes High Availability, Central Management with BIG-IQ, Application Visibility with Beacon and the protection of critical assets using F5 Advanced WAF and Protocol Inspection (IPS) with AFM. It is assumed that you have an active F5 Beacon account with Cloud Services.

If you need help setting up BIG-IQ for the first time, refer to the Dev/Central article series Implementing SSL Orchestrator here. That article covers SSL Orchestrator but the procedure to add Advanced WAF and AFM to BIG-IQ is the same.

This article focuses on configuring Application Visibility with Beacon. It covers the configuration of Telemetry Streaming on SSL Orchestrator running version 15.1.0.4, and AFM and Advanced WAF running version 16.0.0.

Please forgive me for using SSL and TLS interchangeably in this article.

This article is divided into the following high level sections:

  • Installing Postman
  • Using Beacon
  • The Application Map

Installing Postman

You will need to use Postman to complete this configuration. You can download it from the Postman website here

Full instructions for setting up Postman are available in F5 Cloud Docs here

The full procedure involves the following:

  • Install Postman
  • Import the Collection & Environment into Postman
  • Configure the Username & Password for Beacon access
  • Install Telemetry Streaming & AS3 on all of your BIG-IPs
  • Use Postman to authenticate to your BIG-IP API and configure Telemetry Streaming to send data to F5 Beacon. Detailed instructions here.
  • Create a Beacon Application. Detailed instructions here.

Using Beacon

F5 Beacon is a highly customizable Visibility solution. You can use it to map out your application framework and all resources your application is dependent upon. Various metrics can be configured to track the health of all assets related to your application. An Application map shows the overall structure of your application and the health of every related note. This gives you a single view into the health of your application. If any items display in red you will know there is a problem and where it is in your application infrastructure.

From Beacon click the down arrow to the right of Application Landscape and select Configuration.

0151T000003plJlQAI.png

From here you can view all the Sources (BIG-IP devices) that are sending Telemetry Streaming to Beacon. In this example there are 6 devices.

0151T000003plJmQAI.png

The Application Map

Here’s an example of an Application map. The item in the red rectangle represents the start of our Application ‘tree’. The item in the blue circle represents the health of both the Active and Standby SSL Orchestrator. Health can be tracked by a variety of metrics including CPU usage, memory, current connections and more. The item in the yellow rectangle represents the health of both Advanced WAF devices. The item in the black rectangle represents the health of the Virtual Server being protected by the Advanced WAF.

As stated previously, the health of any devices in the tree can be tracked and combined with multiple, customizable metrics based on your application needs.

0151T000003pkeYQAQ.png

It might be hard to notice but some of the devices are outlined in green while others are black. Green means healthy, red means unhealthy and black means unknown (typically if Health Monitoring is disabled). This can be seen in the image below where both AFM devices are healthy (green rectangle). The Virtual Server AFM1 is healthy (green rectangle). The health of the other Virtual Servers is unknown (black rectangle). 

Note: There are no unhealthy devices or nodes.

0151T000003pkeiQAA.png

To build out an Application Dependency Tree like this you can select objects imported into BIG-IQ from your BIG-IP devices. These can be Virtual Server usage by Current Connections, Client side bits in/out and/or Health Status.

The image below shows the SSL Orchestrator Node Health is dependent upon the System CPU Usage of the two BIG-IP devices.

0151T000003plJvQAI.png

The Metric Health Conditions can be based on a variety of Metrics. Click Add to see more options.

0151T000003plJwQAI.png

Notice all the Source options that are available (scroll down to see them all).

0151T000003plJnQAI.png

Select bigip-virtual for the source type and you will see the available metrics.

0151T000003plK0QAI.png

Select Health Status as a metric. Under Select Filters select name.

0151T000003plKAQAY.png

Click the drop-down arrow to view all of the Virtual Servers from your BIG-IP devices.

0151T000003plKFQAY.png

From here you can select the Virtual Server you want to add as a Metric for this Node. Click Add > Save > Save & Close to complete this process.

Summary

In this article you learned how to install Postman, setup Beacon and view an example of the Application Map.

Next Steps

Click Next to proceed to the next article in the series.

Version history
Last update:
‎09-Oct-2020 14:11
Updated by:
Contributors