Configure Persistent Actions
For supported software information, click here.
Persistent actions are actions that apply to both current and future sessions. There are two types of persistent actions:
- Activate by security module—You can configure any combination of source IP address, source port number, destination IP address, destination port number, and protocol, and then refer that persistent action object in the IPS profile. If the persistent action associated with the IPS profile is not activated, that persistent action applies only to the current session. To have the action be considered for future session, you must activate the persistent action. One dynamic instance is generated by using the five tuple extracted from current session. If any future session matches this instance, the configured action is taken. If one dynamic entry is generated, a unique integer identifier is created and attached to the entry. You can later activate or deactivate actions by using this identifier.
- Activate by request command—You can configure the actual value of the source IP address, source port, destination IP address, destination port, and protocol. You must then activate persistent action after you compete the configuration. If any future session matches this instance, the configured action is taken
To configure persistent actions:
- In Director view:
- Select the Configuration tab in the top menu bar.
- Select Templates > Device Templates in the horizontal menu bar.
- Select an organization in the left menu bar.
- Select a template in the main pane. The view changes to Appliance view.
- Select the Configuration tab in the top menu bar.
- Select Objects & Connectors > Objects > Persistent Actions in the left menu bar. The main pane displays the persistent actions that are already configured.
- Click the Add icon to add an action. In the Add Persistent Action popup window, enter information for the following fields.
Field Description Name Enter a name for the persistent action. Description Enter a text description for the persistent action. Action Select the following action for sessions that match the security profile associated with the persistent action:
- Drop Session—The browser waits for a response from the server and drops the session. It is not possible to determine whether the session was dropped because of a delayed response from the server or because a firewall blocked access to the website.
Duration Select the duration for the persistent action:
- Always
- Minute—If you select this option, enter a value.
Precedence Enter a precedence value.
Range: 0 through 255
Default: None
Activated By Select the user who is noted as having activated the persistent action:
- Administrator
- Security Module
Activated By Administrator If you select Activated By Administrator, enter information for the following fields. - Source Address
Enter the source IP address to associate with the persistent action. - Source Port
Enter the source port number to associate with the persistent action. - Destination Address
Enter the destination IP address to associate with the persistent action. - Destination Port
Enter the destination port number to associate with the persistent action. - Protocol
Select the protocol to associate with the persistent action:
- TCP
- UDP
- LEF Profile
Select the LEF profile to associate with the persistent action. - Default Profile
Click to mark this as the default profile. Activated By Security Module If you select Activated By Security Module, enter information for the following fields.
- Source Address
Click to associate the source IP address with the persistent action. - Source Port
Click to associate the source port number with the persistent action. - Destination Address
Click to associate the destination IP address with the persistent action. - Destination Port
Click to associate the destination port number with the persistent action. - Protocol
Click to associate the protocol to associate with the persistent action
- Click OK.
Supported Software Information
Releases 20.2 and later support all content described in this article.