Application Services 3 (AS3) using BIG-IQ

Pre-AS3 BIG-IP Configuration Review

AS3 allows us to define an entire application configuration, including security policies, in a single API call. AS3 declarations allow an app administrator to focus on what should be configured and not worry about how. The AS3 API will build the necessary components to ensure the full configuration is deployed. If there is an error while deploying an AS3 application service, the entire configuration gets rolled back, greatly reducing the risk of failed deployments.

Return to Firefox and click on the first tab to return to the BIG-IP web UI.

../../_images/image114.png

Log back into the TMUI if not already.

../../_images/image211.png

Again, navigate to Local Traffic -> Virtual Servers. Notice that there are no virtual servers in our configuration.

../../_images/image38.png

Navigate to Local Traffic -> Pools. Notice that the list of pools is empty.

../../_images/image42.png

Navigate to Local Traffic -> Nodes. Notice that the list of nodes is also empty.

../../_images/image57.png

Click on Shared Objects -> Address Lists. Note that there are no address lists created.

../../_images/image63.png

Click on Shared Objects -> Port Lists. The two port lists present exist by default; thus, there are no created port lists on the BIG-IP.

../../_images/image74.png

Navigate to Security -> Application Security. Notice that there are no ASM (WAF) policies on the BIG-IP.

../../_images/image84.png

Next, navigate to Security -> Network Firewall. The default tab, Active Rules, shows that there are no rules being enforced.

../../_images/image93.png

Click on the Policies tab. You will see that no AFM firewall policies exist.

../../_images/image103.png

Essentially, the BIG-IP has no application or security configuration. We’ll review the BIG-IQ configuration and then start configuring via AS3 in the next sections.