cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

Select different security policy depending on host name

Sammi
Altocumulus
Altocumulus

Is it possible to create and apply a Local Traffic Policy or iRule on a Virtual server that selects different security policies (ASM), depending on the host name of the http request ?

 

I know one can forward the traffic to other Virtual Servers with different policies applied, but I wonder if it is possible to accomplish the same on the one Virtual Server together with iRules or traffic policies.

 

Example, when traffic reaches a standard Virtual Server:

When target host name is hostname1.com, iRule or local traffic policies applies ASM Security Policy "hostname1_SP" on the Virtual Server

When target host name is hostname2.com, iRule or local traffic policies applies ASM Security Policy "hostname2_SP" on the Virtual Server

1 ACCEPTED SOLUTION

Erik_Novak
F5 Employee
F5 Employee

Create a Local Traffic Policy with a custom rule that filters on host name and then sends requests to a specific asm policy based on that criterion. Here's the GUI in 14.1:0691T000008GbyRQAS.png

View solution in original post

3 REPLIES 3

Hi Sammi,

 

Yes it is possible to attached more then one ASM policy to a virtual server (it was not in the past). Apply a traffic policy to the vs and based on hostname or uri select an ASM policy. (as in your example) (tested on 13.1.3.2)

 

Cheers,

 

Kees

Erik_Novak
F5 Employee
F5 Employee

Create a Local Traffic Policy with a custom rule that filters on host name and then sends requests to a specific asm policy based on that criterion. Here's the GUI in 14.1:0691T000008GbyRQAS.png

Sammi
Altocumulus
Altocumulus

Thank you guys, much appreciated!