Overview of port lockdown behavior

Information

The port lockdown feature allows you to secure the BIG-IP system from unwanted connection attempts by controlling the level of access to each self IP address defined on the system.
Each port lockdown list setting, defined later in this document, specifies the protocols and services from which a self IP can accept connections. The system refuses traffic and connections made to a service or protocol port that is not on the list.

Solution

1. Log in to the Configuration utility.
2. Go to Network > Self IPs.
3. Select the relevant self IP address.
4. For Port Lockdown, choose the setting you want to use.
5. Select Update.

See Also

https://support.f5.com/csp/article/K53108777#link_01

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-5(1), CAT|II, CCI|CCI-001813, Rule-ID|SV-74639r1_rule, STIG-ID|F5BI-DM-000213, Vuln-ID|V-60209

Plugin: F5

Control ID: 7669bd29a8882a19e52ad0f8692b648f4a6554a91eee9c7142d524c0e1fafda1