Self IP not locked down for F5

Vendor

F5

Description

Best practices dictate that the self IP should be locked down to admin services. Indeni will alert if this is not the case.

Remediation Steps

Unless this is intentionally configured, such as a dedicated cable or VLAN for HA, it is always recommended to have the Self IP configuration set to "Allow None". Make sure to schedule a service window before configuring this option.

How does this work?

This alert logs into the device through SSH and uses TMSH to retrieve the port lockdown configiguration for all self IP's.

Why is this important?

This alert logs into the device through SSH and uses TMSH to retrieve the port lockdown configiguration for all self IP's.

Without Indeni how would you find this?

An administrator could check this metric manually by logging into the device through TMSH and executing the command "list net self".


View Source Code