Monitoring F5 BIG-IP Devices

Overview

TOS Aurora monitors F5 BIG-IP devices for policy revision changes. You can add these devices with the TOP plugin for change management of textual revisions. Alternatively, you can add F5 BIG-IP Local Traffic Manager (LTM) devices without the plugin to see the graphical display of revisions and to include the devices in Topology calculations.

To see which TOS features are supported for your device, review the feature support table.

Prerequisites

TOS Aurora and the monitored devices must be synchronized with the correct date and time, either manually or automatically. We recommend that you also configure the devices to resolve DNS queries.

Before you begin, make sure that you have an F5 user whose policy grants all the permissions required for the TOS features you will be using. The user must have Terminal Access set to tmsh. If the user is not logged in to TMSH directly, run the command tmsh before running the commands below.

Feature: Visibility and Change Tracking

Permissions:

  • list auth partition
  • list ltm node
  • list ltm node recursive
  • list ltm pool
  • list ltm pool recursive
  • list ltm snat-translation recursive
  • list ltm snatpool recursive
  • list ltm virtual recursive
  • list net route-domain partition id strict vlans
  • list net route
  • list net self
  • show running-config
  • show running-config recursive
  • show sys clock
  • show sys version
  • show running-config sys global-settings

Feature: Dynamic Topology

Permissions:

  • list auth partition
  • list ltm node
  • list ltm pool
  • list net route-domain partition id strict vlans
  • list net self
  • show net route static dynamic field-fmt
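
The following pre-flight check is an added example, not part of the TOS Aurora or F5 documentation: it runs each command from the lists above as the monitoring user and reports the ones the account cannot execute, so permission gaps show up before the device is added. The names check_cmds, required_cmds, ssh_runner and F5_TARGET are hypothetical, and the script assumes key-based SSH, a user whose Terminal Access is tmsh, and that a refused command ends with a non-zero exit status.

```shell
# Added example: command lists copied from the prerequisites above.
required_cmds() {
  case "$1" in
    visibility) cat <<'EOF'
list auth partition
list ltm node
list ltm node recursive
list ltm pool
list ltm pool recursive
list ltm snat-translation recursive
list ltm snatpool recursive
list ltm virtual recursive
list net route-domain partition id strict vlans
list net route
list net self
show running-config
show running-config recursive
show sys clock
show sys version
show running-config sys global-settings
EOF
      ;;
    topology) cat <<'EOF'
list auth partition
list ltm node
list ltm pool
list net route-domain partition id strict vlans
list net self
show net route static dynamic field-fmt
EOF
      ;;
    *) return 2 ;;
  esac
}
# check_cmds FEATURE RUNNER...: print each command RUNNER fails on; 0 if none.
check_cmds() {
  feature=$1; shift
  list=$(required_cmds "$feature") || return 2
  missing=
  while IFS= read -r cmd; do
    "$@" "$cmd" >/dev/null 2>&1 </dev/null || missing="$missing$cmd
"
  done <<EOF
$list
EOF
  printf '%s' "$missing"; [ -z "$missing" ]
}
# Assumed runner: F5_TARGET (user@host) is a placeholder; output is discarded.
ssh_runner() { ssh -o BatchMode=yes "$F5_TARGET" "$1"; }
```

After sourcing the file, run `F5_TARGET=user@host check_cmds visibility ssh_runner` (or `topology`); an empty result with exit status 0 means every listed command ran.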

Add a Device

  1. Select F5 > Big IP.

  2. Configure the device settings:

    • Name for Display
    • Domain: Available only if you have configured your system for managing multi-domains and All Domains is currently selected. Select the domain to which to add the device. The Domain can only be entered when adding a device; to change the Domain, you must migrate the device.

    • Use TOP plugin: To get expanded support for an F5 BIG-IP LTM device, do not select this option. To get basic support of any F5 BIG-IP device, select this option to add the device with the TOP plugin.
    • Get revisions from: One of the following:

      • IP Address: Revisions are retrieved automatically
      • Offline File: (If available) Revisions are manually uploaded to TOS Aurora for Offline Analysis
    • This device has Partitions configured: If your device has administrative partitions, select this option so that you can import the partitions to the device monitoring after you complete the device monitoring wizard.

      • Enable sharing between partitions: Always select this option when partitions share objects from the Common partition, unless you are managing partitions on different MSSP domains. 
    • ST server: In a distributed deployment, select which TOS Aurora cluster monitors this device.

    • Enable Topology: Collects routing information for building the network Interactive Map.
      Topology options for Advanced management mode are configured when you import managed devices.

      • If the device uses dynamic addressing (such as DHCP) or dynamic routing protocols (such as OSPF), also select Collect dynamic topology information.

      Topology is supported only for devices not added with the TOP plugin.

  3. Click Next.
  4. Configure the TOS Aurora connection to the F5 BIG-IP device, according to the parameters required by the device:

    • Enter the authentication details needed to connect to the F5 BIG-IP device. The user must have permissions for the commands listed in the prerequisites above.

    • Connection configuration: Select whether to use SSH (preferred) or Telnet. To use default settings (recommended in most cases), leave the Port number blank.
      The device must be configured to use SSH version 2.
  5. Click Next.
  6. In Monitoring Settings, do one of the following:

    • To use timing settings from the Timing page, select Default.

    • Otherwise, select Custom and configure the monitoring mode and settings.

      For Periodic Polling, select Custom settings and configure the Polling frequency, which is how often TOS Aurora fetches the configuration from each device.

      If you select 1 day, you can then select the exact time (hour and minute) for the daily polling.

  7. Click Next.
  8. Save the configuration.

    The F5 BIG-IP device now appears in the Monitored Devices tree.

Configure a Monitored Device

After you add a device, further configuration options are available.

Options vary depending on your environment.

  • Edit configuration: Use the wizard to modify selected device settings. See Add a Device in this topic.

  • Delete this device: Type yes to confirm that you want to delete the device.

  • Import Partitions

How Do I Get Here?

SecureTrack > Monitoring > Manage Devices