Details
You can use the BIG-IP packet filter functionality to enhance network security by enforcing an access policy on traffic ingressing or egressing a VLAN on the BIG-IP system. You must configure packet filter functionality to block CIDR network addresses from the TMOS Shell.
Solution
Log in to tmsh by typing the following command:
tmsh
2. modify /sys db packetfilter.allow.important.icmp value
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system F5.
References
- 800-53|AC-10
- CAT|II
- CCI|CCI-000054
- Rule-ID|SV-74521r2_rule
- STIG-ID|F5BI-DM-000003
- Vuln-ID|V-60091