Thong_196816
Aug 06, 2015

set threshold for f5 / monitoring

Hi,

1.) Can a CPU or memory threshold be set on the F5, e.g. an alert is received when CPU or memory is more than 98%, instead of using third-party software?

2.) Is there any command to monitor or check the local traffic flow from virtual address -> pool -> destination pool member web server? Sometimes I need to know whether traffic accessing the virtual address was directed to the destination node member (web server).

3.) I read through some articles about F5 hardening / security access. Can anyone share the standard F5 hardening template, with steps, that would be applied to an F5?

Much appreciated, and thank you. :)

 

1 Reply

  • Please try these.

    Answer 1. For system resource threshold configuration, you can use the "Analytics" feature; it is easy to configure in the Configuration Utility.

    Answer 2. For capturing the connections, use this command: [ show sys connection virtual-server-object ]. If you do ? after [ show sys connection ? ], you can see other options too, such as capturing all traffic from a specific source IP address. Alternatively, you can use the Dashboard in the Configuration Utility: CU -- Main tab -- Statistics -- Dashboard; at the top, under the View tab, select "Local Traffic Manager". Then, under LTM Statistics, you can choose a virtual server, pool, or pool members.

    Answer 3.

    3.1 Make sure that SSH access is restricted to the allowed subnet.
    3.2 Also make sure that access to the Configuration Utility is restricted to the allowed subnet.
    3.3 Make sure that the port-lockdown feature is configured as needed for the Self-IPs. You can pick "Default Allowed", or you can choose specific ports as needed.
    3.4 Make sure that you have changed the default passwords for the root and admin user accounts.
    3.5 Make sure that you have identical NTP settings across the cluster.
    3.6 Something really simple and basic, but make sure that you have a banner configured for both SSH and GUI login.
    3.7 Configure an idle timeout for automatic logout and also for dashboard viewing.
    3.8 Make sure that you have a third-party monitoring server monitoring the F5 BIG-IP appliances via SNMP and collecting all valuable data, such as number of interfaces, CPU, memory, number of connections, hard disk usage, TMM memory usage statistics, fan, power supply, etc. You can also use "Analytics" as well.
    3.9 Health-monitor your application servers on their production TCP/UDP ports instead of using simple ICMP health monitoring.
    3.10 For a cluster environment -- the "Link down time on Failover" default value is set to 0.0, which means that upon network link failure, or link down, the F5 pair will not fail over. Change this default setting to something like 0.5 up to 0.10.
    3.11 Never use the original profiles; always make a copy of the profile that you want to use, whether it is a protocol profile, service profile, or other profile.
    3.12 Something performance-specific -- make sure that you have understood and gathered all requirements before load balancing any application. I mean, do not use persistence profiles where they are not needed.

     

    I can write many more, but the above are simple and basic. Cover your ground. --Ravi K. Malhotra--
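
An added example, not part of the reply above and not F5's own code: a small Python check of checklist items 3.1 to 3.3, 3.6 and 3.7 against configuration text. It assumes input in the style of `tmsh list <object> all-properties one-line`; the sample configuration, addresses and self-IP names are constructed, and the property names used here should be verified against your TMOS version.

```python
import re

# Constructed sample in the style of `tmsh list <object> all-properties one-line`
# output, trimmed to the properties checked here. Not taken from a real device.
SAMPLE = """\
sys sshd { allow { ALL } banner disabled inactivity-timeout 0 }
sys httpd { allow { 10.10.0.0/255.255.255.0 } auth-pam-idle-timeout 1200 }
sys global-settings { gui-security-banner enabled }
net self external_self { address 203.0.113.10/24 allow-service all vlan external }
net self internal_self { address 10.10.0.5/24 allow-service { default } vlan internal }
"""

OBJECT = re.compile(r"(sys sshd|sys httpd|sys global-settings|net self \S+) \{ (.*) \}$")

def prop(body, key):
    """Value of `key` in a one-line object body (bare word or { ... } list), lowercased."""
    m = re.search(r"(?:^|\s)" + re.escape(key) + r"\s+(\{[^{}]*\}|\S+)", body)
    return m.group(1).strip("{} ").lower() if m else None

def audit(config):
    """Return (checklist item, object, problem) tuples for items 3.1-3.3, 3.6 and 3.7."""
    findings = []
    for line in config.splitlines():
        m = OBJECT.match(line.strip())
        if not m:
            continue
        obj, body = m.groups()
        if obj == "sys sshd":
            if prop(body, "allow") in (None, "all"):
                findings.append(("3.1", obj, "SSH not restricted to a subnet"))
            if prop(body, "banner") != "enabled":
                findings.append(("3.6", obj, "SSH login banner not enabled"))
            if prop(body, "inactivity-timeout") in (None, "0"):
                findings.append(("3.7", obj, "no SSH idle timeout"))
        elif obj == "sys httpd":
            if prop(body, "allow") in (None, "all"):
                findings.append(("3.2", obj, "Configuration Utility not restricted to a subnet"))
            if prop(body, "auth-pam-idle-timeout") in (None, "0"):
                findings.append(("3.7", obj, "no GUI idle timeout"))
        elif obj == "sys global-settings":
            if prop(body, "gui-security-banner") != "enabled":
                findings.append(("3.6", obj, "GUI login banner not enabled"))
        elif prop(body, "allow-service") == "all":  # net self <name>
            findings.append(("3.3", obj, "port lockdown allows all services"))
    return findings

if __name__ == "__main__":
    for item, obj, problem in audit(SAMPLE):
        print(f"[{item}] {obj}: {problem}")
```

Self-IPs set to "default" or to an explicit port list pass the 3.3 check, matching the reply's advice; only "all" is reported.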