F5 Distributed Cloud > F5 Distributed Cloud 102 - WAF/WAAP Deeper Dive Source | Edit on
4. Lab 3: Exploring Service Policies¶
The following lab tasks will guide you the configuration of various Service Policies which can be used to implement a variety of security controls.
4.1. Task 1: Creating Local Namespace Service Policies¶
In this task you will add geo-filter and allowed-ip based service policies.
Note Using shared namespace Service Policies provides the ability to use API-updated policy controls to implement common service security across multiple resources. |
|
![]() |
|
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
|
![]() |
4.2. Task 2: Attaching Service Policies and configuring IP Reputation¶
The following steps will enable you to attach Service Policies to your configured Load Balancer.
It will also help you understand additional approaches for Service Policies.
|
|
|
![]() |
|
|
|
![]() |
Note Because the “allowed-ip” begins with an allowed ip (yours) and ends in a “Deny” a positive security model will be applied (denying all other traffic). Similar positive or negative service policies can be created and applied (Headers, methods, file types, etc)
|
|
![]() |
4.3. Task 3: Observing Route Configurations¶
The following steps will enable you to attach Service Policies to your configured Load Balancer. It will also help you understand additional approaches for Service Policies.
|
|
![]() |
|
End of Lab 3: This concludes Lab 3, feel free to review and test the configuration. A Q&A session will begin shortly to conclude the overall lab. |
![]() |