PEM¶
Introduced : BIG-IP_v11.4.0
The PEM (Policy Enforcement Manager) module contains the interfaces
that enable you to get information on and work with the components,
attributes, and devices associated with PEM.
Interfaces¶
| Interface | Description |
| FormatScript | You can use the format script component to create scripts for High-Speed Logging (HSL) reporting. The scripts use TCL syntax and define a custom format that is applied in an enforcement policy rule. The format and fields available differ depending on whether the rule specifies session-based or flow-based reporting. |
| ForwardingEndpoint | You can use the forwarding endpoint interface to configure forwarding endpoint definitions for the Policy Enforcement Manager. A forwarding endpoint represents the final destination of the traffic flow. The endpoint will always point to a single pool; it optionally points to a single SNAT pool and/or a single LSN pool. According to source-ip or destination-ip, the subsequent traffic can be directed to the same pool member, which is called persistence. The persistence feature can be disabled. Note: Before you can create a forwarding endpoint you must create a valid pool with at least one member. |
| InterceptionEndpoint | You can use the interception-endpoint interface to configure interception-endpoint definitions for the Policy Enforcement Manager. The interception-endpoint is used to clone all traffic. The endpoint will always point to a single pool. According to source-ip or destination-ip, the subsequent traffic can be directed to the same pool member, which is called persistence. The persistence feature can be disabled. Note: Before you create a cloning-endpoint you have to create a valid pool. |
| Listener | You can use the listener interface to configure listener definitions for the Policy Enforcement Manager. To apply policies, a listener listens traffic on one Subscriber Policy Manager (SPM) profile and one or more virtual servers. |
| Policy | The Policy interface enables you to work with attributes for policies. You can use this policy component to configure the policy definitions on the Policy Enforcement Manager. A policy is a set of rules which are used to match traffic flow and apply actions. A rule has filters and actions configuration. All configured filters must match before the actions can be applied to the traffic flow. |
| ServiceChainEndpoint | You can use the service chain endpoint component to configure service chain endpoint definitions for the Policy Enforcement Manager (PEM). Each service chain endpoint consists of one or more service endpoints, where a service endpoint consists of a non-zero integer order, a valid PEM forwarding-endpoint (to-endpoint) and an existing vlan (from-vlan). When you configure a BIG-IP that has a service chain endpoint with multiple service endpoints, then the traffic will pass through these service endpoints in their given order (from low to high) before leaving the BIG-IP. Note: You must create a valid forwarding-endpoint and a valid vlan before you can create a service endpoint. You must also give each service endpoint an order from 1 up to 2^32-1. |
| Subscriber | The Subscriber interface allows you to create (or provision) static subscribers using Policy Enforcement Manager. Subscribers are typically mobile device users that purchase service plans from service providers. To identify the subscriber, you can specify the subscriber ID type, subscriber ID, and optional IP address. You also associate one or more policies that define actions to take for that subscriber. |
Enumerations¶
| Enumeration | Description |
| PersistenceType | Specifies whether traffic persists with pool members. If you have multiple pool members and want specific traffic to go to the same pool member, select source or destination IP address. |
Aliases¶
| Alias | Type | Description |
| PersistenceTypeSequence | PersistenceType [] | A sequence of persistence types. |
See Also¶
Warning
The links to the sample code below are remnants of the old DevCentral wiki and will result in a 404 error. For best results, please copy the link text and search the codeshare directly on DevCentral.
Sample Code¶
The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.