diff --git a/content/nap-waf/v4/admin-guide/upgrade-nap-waf.md b/content/nap-waf/v4/admin-guide/upgrade-nap-waf.md index 7bbb4cab6..409dcfed5 100644 --- a/content/nap-waf/v4/admin-guide/upgrade-nap-waf.md +++ b/content/nap-waf/v4/admin-guide/upgrade-nap-waf.md @@ -1,10 +1,10 @@ --- -title: "Upgrade NGINX App Protect WAF on Managed Instances" -description: "How to Upgrade F5 NGINX App Protect WAF on managed NGINX instances" +title: Upgrade NGINX App Protect WAF on Managed Instances weight: 300 toc: true -tags: [ "NGINX Management Suite" ] -docs: "DOCS-1198" +type: how-to +product: NAP-WAF +docs: DOCS-1198 --- ## Overview diff --git a/content/nap-waf/v5/admin-guide/upgrade-nap-waf.md b/content/nap-waf/v5/admin-guide/upgrade-nap-waf.md index 31413667d..d9add4ee1 100644 --- a/content/nap-waf/v5/admin-guide/upgrade-nap-waf.md +++ b/content/nap-waf/v5/admin-guide/upgrade-nap-waf.md @@ -1,10 +1,10 @@ --- -title: "Upgrade NGINX App Protect WAF on Managed Instances" -description: "How to Upgrade F5 NGINX App Protect WAF on managed NGINX instances" +title: Upgrade NGINX App Protect WAF on Managed Instances weight: 600 toc: true -tags: [ "NGINX Management Suite" ] -docs: "DOCS-1640" +type: how-to +product: NAP-WAF +docs: DOCS-1640 --- ## Overview diff --git a/content/nginx/_index.md b/content/nginx/_index.md index bd073f4fa..49ba06a44 100644 --- a/content/nginx/_index.md +++ b/content/nginx/_index.md @@ -1,10 +1,8 @@ --- -description: "Documentation for NGINX Open Source and F5 NGINX Plus. \n\nRequest your - [free 30‑day trial](https://www.nginx.com/free-trial-request) today.\n" -linkTitle: NGINX Plus -menu: docs title: F5 NGINX Plus weight: 100 +description: "Documentation for NGINX Open Source and F5 NGINX Plus. \n\nRequest your + [free 30‑day trial](https://www.nginx.com/free-trial-request) today.\n" cascade: logo: "NGINX-Plus-product-icon-RGB.svg" --- diff --git a/content/nim/_index.md b/content/nim/_index.md index ba5824b5b..959e6afe6 100644 --- a/content/nim/_index.md +++ b/content/nim/_index.md @@ -1,5 +1,5 @@ --- -title: NGINX Instance Manager +title: F5 NGINX Instance Manager description: Track and control NGINX Open Source and NGINX Plus instances. url: /nginx-instance-manager/ cascade: diff --git a/content/nim/admin-guide/authentication/oidc/microsoft-entra-automation.md b/content/nim/admin-guide/authentication/oidc/microsoft-entra-automation.md index 569e5f05f..c74f1acd2 100644 --- a/content/nim/admin-guide/authentication/oidc/microsoft-entra-automation.md +++ b/content/nim/admin-guide/authentication/oidc/microsoft-entra-automation.md @@ -1,12 +1,10 @@ --- -docs: DOCS-1197 -doctypes: -- tutorial -tags: -- docs title: Automate OIDC with Microsoft Entra -toc: true weight: 300 +toc: true +type: how-to +product: NIM +docs: DOCS-1197 --- ## Overview @@ -50,7 +48,7 @@ Before proceeding, first secure NGINX Instance Manager with OpenID Connect (OIDC 3. Fill in the role details. Use the information from an existing user group in NGINX Instance Manager, such as from the [Create user groups in Instance Manager]({{< relref "/nim/admin-guide/authentication/oidc/microsoft-entra-setup.md#create-user-groups-in-nginx-instance-manager" >}}) step: - In the **Display name** field, enter a role name (e.g., "Admin"). - In **Allowed member types**, select **Applications**. - - In the **Value** field, enter the value for the role. This must match the user group in NGINX Management Suite. + - In the **Value** field, enter the value for the role. This must match the user group in Instance Manager. - Provide a description for the role. 4. Select **Save**. @@ -158,12 +156,12 @@ Additionally, complete the following steps: {{< note >}}The `roles` claim will contain the role ID of the role you created in the [Create an app role](#create-app-role) step.{{< /note >}} -## Access NGINX Management Suite API using the access token +## Access NGINX Instance Manager API using the access token -To access the NGINX Management Suite API using the access token, send the token in the `Authorization` header of the request as a Bearer token. For example, using `curl`: +To access the NGINX Instance Manager API using the access token, send the token in the `Authorization` header of the request as a Bearer token. For example, using `curl`: ```bash curl -v -k --header "Authorization: Bearer " https:///api/platform/v1/userinfo ``` -Replace `` with the token you obtained from Microsoft Entra and `` with the IP address of your NGINX Management Suite instance. +Replace `` with the token you obtained from Microsoft Entra and `` with the IP address of your NGINX Instance Manager instance. diff --git a/content/nim/deploy/vm-bare-metal/install-nim-deprecated.md b/content/nim/deploy/vm-bare-metal/install-nim-deprecated.md index f2033ce6c..34b7a7870 100644 --- a/content/nim/deploy/vm-bare-metal/install-nim-deprecated.md +++ b/content/nim/deploy/vm-bare-metal/install-nim-deprecated.md @@ -1,14 +1,11 @@ --- -description: -docs: DOCS-1211 -doctypes: -- tutorial -tags: -- docs title: Manually install on a virtual machine or bare metal (deprecated) -toc: true weight: 10 +toc: true noindex: true +type: how-to +product: NIM +docs: DOCS-1211 --- @@ -316,4 +313,4 @@ To install NGINX Instance Manager, you need to add the official repository to pu sudo systemctl restart nginx ``` -4. (Optional) If you use SELinux, follow the steps in the [Configure SELinux]({{< relref "nim/system-configuration/configure-selinux.md" >}}) guide to restore the default SELinux labels (`restorecon`) for the files and directories related to NGINX Management suite. +4. (Optional) If you use SELinux, follow the steps in the [Configure SELinux]({{< relref "nim/system-configuration/configure-selinux.md" >}}) guide to restore the default SELinux labels (`restorecon`) for the files and directories related to NGINX Instance Manager. diff --git a/content/nim/monitoring/security-monitoring/configure/create-role-security-monitoring.md b/content/nim/monitoring/security-monitoring/configure/create-role-security-monitoring.md index a3e26dc77..441cc941d 100644 --- a/content/nim/monitoring/security-monitoring/configure/create-role-security-monitoring.md +++ b/content/nim/monitoring/security-monitoring/configure/create-role-security-monitoring.md @@ -1,17 +1,15 @@ --- title: Add user access to Security Monitoring dashboards -description: Learn how to grant users access to the F5 NGINX Security Monitoring dashboards. -toc: true weight: 200 +toc: true doctype: how-to product: NIM docs: DOCS-1026 - --- ## Overview -You can use F5 NGINX Security Monitoring to monitor NGINX App Protect WAF instances. The Security Monitoring analytics dashboards and security logs provide protection insights and help you analyze possible threats or identify opportunities to tune your security policies. +You can use the Security Monitoring module to monitor NGINX App Protect WAF instances. The Security Monitoring analytics dashboards and security logs provide protection insights and help you analyze possible threats or identify opportunities to tune your security policies. By completing the steps in this topic, you will create a role that gives users access to the Security Monitoring module and logs, and assign it to user accounts or groups. @@ -23,7 +21,7 @@ By completing the steps in this topic, you will create a role that gives users a Complete the following prerequisites before proceeding with this guide: -- NGINX Security Monitoring is [installed]({{< relref "/nim/monitoring/security-monitoring/install-security-monitoring.md" >}}) and running. +- Security Monitoring is [installed]({{< relref "/nim/monitoring/security-monitoring/install-security-monitoring.md" >}}) and running. - Your user account needs to be able to access the User Management settings in NGINX Instance Manager. The minimum required role permissions are: @@ -31,17 +29,12 @@ Complete the following prerequisites before proceeding with this guide: - **Feature**: User Management - **Access**: `READ`, `CREATE`, `UPDATE` -- Review the table below to determine the minimum permissions needed for your use case. - - {{}} - - | Module(s) | Feature(s) | Access | Description | - |-------|--------|----|--------| - | Instance Manager
Security Monitoring | Analytics
Security Monitoring | READ
READ | Read-only access that allows users to view the Security Monitoring dashboards. Users cannot access NGINX Instance Manager or Settings.| - | Instance Manager
Security Monitoring
Settings | Analytics
Security Monitoring
User Management | READ
READ
CREATE, READ, UPDATE| Allows users to view the Security Monitoring dashboards and manage user accounts and roles.

{{< fa "lightbulb" >}} Recommended for a "super-user" who is responsible for managing other users' access to the security dashboards. This permission set does not allow the user to delete user accounts.| - +Review the table below to determine the minimum permissions needed for your use case. - {{}} +| Module(s) | Feature(s) | Access | Description | +|-------|--------|----|--------| +| Instance Manager
Security Monitoring | Analytics
Security Monitoring | READ
READ | Read-only access that allows users to view the Security Monitoring dashboards. Users cannot access NGINX Instance Manager or Settings.| +| Instance Manager
Security Monitoring
Settings | Analytics
Security Monitoring
User Management | READ
READ
CREATE, READ, UPDATE| Allows users to view the Security Monitoring dashboards and manage user accounts and roles.

{{< fa "lightbulb" >}} Recommended for a "super-user" who is responsible for managing other users' access to the security dashboards. This permission set does not allow the user to delete user accounts.| --- diff --git a/content/nim/monitoring/security-monitoring/configure/set-up-app-protect-instances.md b/content/nim/monitoring/security-monitoring/configure/set-up-app-protect-instances.md index 4b252c247..f7aa36b71 100644 --- a/content/nim/monitoring/security-monitoring/configure/set-up-app-protect-instances.md +++ b/content/nim/monitoring/security-monitoring/configure/set-up-app-protect-instances.md @@ -1,9 +1,7 @@ --- title: Create App Protect WAF instances for Security Monitoring -description: Learn how to set up F5 NGINX App Protect data plane instances for use with - the NGINX Security Monitoring and NGINX Instance Manager. -toc: true weight: 100 +toc: true type: how-to product: NIM docs: DOCS-1107 @@ -11,7 +9,7 @@ docs: DOCS-1107 ## Overview -F5 NGINX Security Monitoring supports the following use cases: +The Security Monitoring module supports the following use cases: - **Security Monitoring only**: Use only the Security Monitoring module to monitor data from NGINX App Protect WAF instances. You will be able to review the security dashboards to assess potential threats and identify opportunities to fine-tune your policies. Your NGINX App Protect WAF configurations are managed outside of the NGINX Instance Manager context. - **Security Monitoring and Instance Manager**: Use the Security Monitoring module with the NGINX Instance Manager. In addition to monitoring your application security, you will be able to manage your NGINX App Protect WAF configurations and security policies in a single location and push pre-compiled updates to an instance or instance group. @@ -32,7 +30,7 @@ Complete the following prerequisites before proceeding with the steps in this gu {{< include "nim/tech-specs/security-data-plane-dependencies.md" >}} 1. Determine your use case: **Security Monitoring only** or **Security Monitoring and Configuration Management**. -1. [Install the NGINX Security Monitoring module]({{< relref "/nim/monitoring/security-monitoring/install-security-monitoring.md" >}}) and [upload your license]({{< relref "/nim/admin-guide/license/add-license.md" >}}). +1. [Install the Security Monitoring module]({{< relref "/nim/monitoring/security-monitoring/install-security-monitoring.md" >}}) and [upload your license]({{< relref "/nim/admin-guide/license/add-license.md" >}}). --- @@ -199,7 +197,7 @@ Repeat the steps below on each NGINX App Protect WAF data plane instance. sudo systemctl restart nginx ``` -You should now be able to view data from your NGINX App Protect instances in the NGINX Security Monitoring dashboards. +You should now be able to view data from your NGINX App Protect instances in the Security Monitoring dashboards. --- diff --git a/content/nim/monitoring/security-monitoring/configure/update-geo-db.md b/content/nim/monitoring/security-monitoring/configure/update-geo-db.md index 7eadcef1d..5fb30df60 100644 --- a/content/nim/monitoring/security-monitoring/configure/update-geo-db.md +++ b/content/nim/monitoring/security-monitoring/configure/update-geo-db.md @@ -1,9 +1,7 @@ --- title: Update the geolocation database used in dashboards -description: Learn how to update the Geolocation Database used in F5 NGINX Management - Suite Security Monitoring dashboards. -toc: true weight: 400 +toc: true type: how-to product: NIM docs: DOCS-1108 @@ -11,7 +9,7 @@ docs: DOCS-1108 ## Overview -You can use F5 NGINX Security Monitoring to monitor NGINX App Protect WAF instances. The Security Monitoring analytics dashboard uses MaxMind's GeoLite2 Free Database to provide extra Geolocation data for Security Violations. +You can use the Security Monitoring module to monitor NGINX App Protect WAF instances. The Security Monitoring analytics dashboard uses MaxMind's GeoLite2 Free Database to provide extra Geolocation data for Security Violations. By completing the steps in this topic, you will be able to update the Security Monitoring module to get the latest Geolocation database such that the dashboards can provide accurate data. @@ -21,10 +19,9 @@ By completing the steps in this topic, you will be able to update the Security M Complete the following prerequisites before proceeding with this guide: -- NGINX Security Monitoring is [installed]({{< relref "/nim/monitoring/security-monitoring/install-security-monitoring.md" >}}) and running. +- The Security Monitoring module is [installed]({{< relref "/nim/monitoring/security-monitoring/install-security-monitoring.md" >}}) and running. - NGINX App Protect is configured, and the Security Monitoring dashboard is gathering security violations - --- ## Update the geolocation database diff --git a/content/nim/monitoring/security-monitoring/configure/update-signatures.md b/content/nim/monitoring/security-monitoring/configure/update-signatures.md index 6301708d9..430c8ffac 100644 --- a/content/nim/monitoring/security-monitoring/configure/update-signatures.md +++ b/content/nim/monitoring/security-monitoring/configure/update-signatures.md @@ -1,9 +1,7 @@ --- title: Update the Attack Signature Database -description: Learn how to update the Attack Signature Database used in F5 NGINX Management - Suite Security Monitoring dashboards. -toc: true weight: 300 +toc: true type: how-to product: NIM docs: DOCS-1109 @@ -11,7 +9,7 @@ docs: DOCS-1109 ## Overview -You can use the F5 NGINX Security Monitoring module to monitor NGINX App Protect WAF instances for security. The Security Monitoring module analytics dashboards utilize a Signature Database to give more detail about the Attack Signatures that have caused a Security Violation, like the Signature's name, accuracy, and risk. +You can use the Security Monitoring module to monitor NGINX App Protect WAF instances for security. The Security Monitoring module analytics dashboards utilize a Signature Database to give more detail about the Attack Signatures that have caused a Security Violation, like the Signature's name, accuracy, and risk. If the Signature Database is not updated to match the Attack Signature version used for App Protect WAF protection, new signatures may be triggered without a name or other attributes like risk and accuracy. @@ -23,7 +21,7 @@ The steps in this topic ensure that dashboards show the correct information by u Complete the following prerequisites before proceeding with this guide: -- NGINX Security Monitoring is [installed]({{< relref "/nim/monitoring/security-monitoring/install-security-monitoring.md" >}}) and running +- The Security Monitoring module is [installed]({{< relref "/nim/monitoring/security-monitoring/install-security-monitoring.md" >}}) and running - NGINX App Protect is configured, and the Security Monitoring dashboard is gathering security violations --- diff --git a/content/nim/monitoring/security-monitoring/install-security-monitoring.md b/content/nim/monitoring/security-monitoring/install-security-monitoring.md index db0164269..addac425a 100644 --- a/content/nim/monitoring/security-monitoring/install-security-monitoring.md +++ b/content/nim/monitoring/security-monitoring/install-security-monitoring.md @@ -1,5 +1,5 @@ --- -title: "Install or upgrade Security Monitoring" +title: Install or upgrade Security Monitoring toc: true weight: 100 doctype: how-to @@ -9,7 +9,7 @@ docs: DOCS-1208 ## Overview -Follow the steps in this guide to install or upgrade or upgrade the NGINX Security Monitoring module. +Follow the steps in this guide to install or upgrade or upgrade the Security Monitoring module. --- diff --git a/content/nim/nginx-app-protect/manage-waf-security-policies.md b/content/nim/nginx-app-protect/manage-waf-security-policies.md index 915208c3c..f1d185a19 100644 --- a/content/nim/nginx-app-protect/manage-waf-security-policies.md +++ b/content/nim/nginx-app-protect/manage-waf-security-policies.md @@ -1,7 +1,5 @@ --- title: Manage WAF Security Policies and Security Log Profiles -description: Learn how to use F5 NGINX Management Suite Instance Manager to manage NGINX - App Protect WAF security policies and security log profiles. weight: 200 toc: true type: how-to @@ -11,7 +9,7 @@ docs: DOCS-1105 ## Overview -F5 NGINX Management Suite Instance Manager provides the ability to manage the configuration of NGINX App Protect WAF instances either by the user interface or the REST API. This includes editing, updating, and deploying security policies, log profiles, attack signatures, and threat campaigns to individual instances and/or instance groups. +F5 Instance Manager provides the ability to manage the configuration of NGINX App Protect WAF instances either by the user interface or the REST API. This includes editing, updating, and deploying security policies, log profiles, attack signatures, and threat campaigns to individual instances and/or instance groups. In Instance Manager v2.14.0 and later, you can compile a security policy, attack signatures, and threat campaigns into a security policy bundle. A security policy bundle consists of the security policy, the attack signatures, and threat campaigns for a particular version of NGINX App Protect WAF, and additional supporting files that make it possible for NGINX App Protect WAF to use the bundle. Because the security policy bundle is pre-compiled, the configuration gets applied faster than when you individually reference the security policy, attack signature, and threat campaign files. @@ -65,7 +63,7 @@ To access the web interface, go to the FQDN for your NGINX Instance Manager host To create a security policy using the Instance Manager web interface: -1. In a web browser, go to the FQDN for your NGINX Management Suite host and log in. Then, from the Launchpad menu, select **Instance Manager**. +1. In a web browser, go to the FQDN for your NGINX Instance Manager host and log in. Then, from the Launchpad menu, select **Instance Manager**. 2. On the left menu, select **App Protect**. 3. On the *Security Policies* page, select **Create**. 4. On the *Create Policy* page, fill out the necessary fields: diff --git a/content/nim/nginx-app-protect/overview-nap-waf-config-management.md b/content/nim/nginx-app-protect/overview-nap-waf-config-management.md index 8639aa5fd..8d3c1bd8b 100644 --- a/content/nim/nginx-app-protect/overview-nap-waf-config-management.md +++ b/content/nim/nginx-app-protect/overview-nap-waf-config-management.md @@ -1,31 +1,27 @@ --- -description: Learn how you can use F5 NGINX Management Suite Instance Manager to configure - NGINX App Protect WAF security policies. -docs: DOCS-992 -doctypes: -- reference -tags: -- docs title: NGINX App Protect WAF configuration management -toc: true weight: 500 +toc: true +type: how-to +product: NIM +docs: DOCS-992 --- ## Overview -F5 NGINX Management Suite Instance Manager provides configuration management for [NGINX App Protect WAF](https://www.nginx.com/products/nginx-app-protect/web-application-firewall/). +F5 Instance Manager provides configuration management for [NGINX App Protect WAF](https://www.nginx.com/products/nginx-app-protect/web-application-firewall/). You can use NGINX App Protect WAF with Instance Manager to inspect incoming traffic, identify potential threats, and block malicious traffic. With Configuration Management for App Protect WAF, you can configure WAF security policies in a single location and push your configurations out to one, some, or all of your NGINX App Protect WAF instances. ### Features -- Manage NGINX App Protect WAF security configurations by using the NGINX Management Suite user interface or REST API +- Manage NGINX App Protect WAF security configurations by using the NGINX Instance Manager user interface or REST API - Update Attack Signatures and Threat Campaign packages - Compile security configurations into a binary bundle for consumption by NGINX App Protect WAF instances ## Architecture -As demonstrated in Figure 1, Instance Manager lets you manage security configurations for NGINX App Protect WAF. You can define security policies, upload attack signatures and threat campaign packages, and publish common configurations out to your NGINX App Protect WAF instances. Instance Manager can compile the security configuration into a bundle before pushing the configuration to the NGINX App Protect WAF data plane instances. The NGINX Management Suite Security Monitoring module provides data visualization for NGINX App Protect, so you can monitor, analyze, and refine your policies. +As demonstrated in Figure 1, Instance Manager lets you manage security configurations for NGINX App Protect WAF. You can define security policies, upload attack signatures and threat campaign packages, and publish common configurations out to your NGINX App Protect WAF instances. Instance Manager can compile the security configuration into a bundle before pushing the configuration to the NGINX App Protect WAF data plane instances. The Security Monitoring module provides data visualization for NGINX App Protect, so you can monitor, analyze, and refine your policies. {{< img src="nim/app-sec-overview.png" caption="Figure 1. NGINX Management Suite with NGINX App Protect Architecture Overview" alt="A diagram showing the architecture of the NGINX Management Suite with NGINX App Protect solution" width="75%">}} diff --git a/content/nim/nginx-app-protect/setup-waf-config-management.md b/content/nim/nginx-app-protect/setup-waf-config-management.md index 71bbe7256..f7150727c 100644 --- a/content/nim/nginx-app-protect/setup-waf-config-management.md +++ b/content/nim/nginx-app-protect/setup-waf-config-management.md @@ -1,14 +1,10 @@ --- -description: Learn how to use F5 NGINX Management Suite Instance Manager to secure your - applications with NGINX App Protect WAF security policies. -docs: DOCS-996 -doctypes: -- task -tags: -- docs title: Manage Your App Protect WAF Configs -toc: true weight: 100 +toc: true +type: how-to +product: NIM +docs: DOCS-996 --- {{< shortversions "2.6.0" "latest" "nimvers" >}} @@ -23,7 +19,7 @@ Complete the following prerequisites before proceeding with this guide. - You have one or more instances of [NGINX App Protect WAF](https://docs.nginx.com/nginx-app-protect/admin-guide/install/) installed and running. See [Support for NGINX App Protect WAF]({{< relref "tech-specs#support-for-nginx-app-protect-waf" >}}) for a list of supported versions. - {{}}If you are using configuration management and the NGINX Management Suite Security Monitoring module, follow the instructions in the [setup guide]({{}}) to set up your NGINX App Protect instances before proceeding with this guide.{{}} + {{}}If you are using configuration management and the Security Monitoring module, follow the instructions in the [setup guide]({{}}) to set up your NGINX App Protect instances before proceeding with this guide.{{}} - You have Instance Manager v2.6.0 or later [installed]({{< relref "/nim/deploy/vm-bare-metal/_index.md" >}}), licensed, and running. If you have a subscription to NGINX App Protect WAF, you can find your Instance Manager license in the subscription details section of [MyF5](https://my.f5.com). @@ -42,7 +38,7 @@ Instance Manager does not support the following NGINX App Protect features: ## Install the WAF Compiler -Instance Manager can use the NGINX App Protect WAF compiler to "pre-compile" security configurations before syncing them to managed data plane instances. You'll need to install the WAF compiler package on the NGINX Management Suite host to enable this functionality. If you'll be continuing with WAF compilation on the data plane host, installing the WAF compiler on the NGINX Management Suite host is not necessary. +Instance Manager can use the NGINX App Protect WAF compiler to "pre-compile" security configurations before syncing them to managed data plane instances. You'll need to install the WAF compiler package on the NGINX Instance Manager host to enable this functionality. If you'll be continuing with WAF compilation on the data plane host, installing the WAF compiler on the NGINX Instance Manager host is not necessary. Be sure to download and install the correct WAF compiler version for your environment: @@ -165,7 +161,7 @@ Take the steps below to download the WAF compiler, Attack Signatures, and Threa 1. Select **Product Line**: **NGINX App Protect**. 1. Select a **Product version**. 1. Select the **Linux distribution**, **distribution version**, and **Architecture**. -1. Download the WAF compiler package and transfer it to the NGINX Management Suite host. +1. Download the WAF compiler package and transfer it to the NGINX Instance Manager host. 1. Run the appropriate command on the host to install the WAF compiler package from the file. - Debian or Ubuntu: @@ -218,7 +214,7 @@ NGINX App Protect provides predefined [Attack Signatures](https://docs.nginx.com [Threat Campaigns](https://docs.nginx.com/nginx-app-protect/configuration-guide/configuration/#threat-campaigns) is a threat intelligence feature included in an NGINX App Protect WAF subscription. The feature includes frequent update feeds containing contextual information about active attack campaigns currently being observed by F5 Threat Labs that NGINX App Protect WAF can provide protection against. Just like Attack Signatures, the Threat Campaign patterns are updated regularly. Unlike Attack Signatures, the NGINX App Protect WAF installation does not include any Threat Campaigns and you need to install them in order for the protection to take effect. Due to the highly dynamic nature of those campaigns the updates are issued far more frequently than the Attack Signatures. You need to install those updates close to the time they are issued in order to get the most effective protection. -In order to take advantage of new Attack Signature and Threat Campaign packages, you need to upload these packages to NGINX Management Suite. +In order to take advantage of new Attack Signature and Threat Campaign packages, you need to upload these packages to NGINX Instance Manager. You can either configure Instance Manager to download new versions automatically, or manage the files manually by downloading the packages from MyF5 and then uploading them to Instance Manager by using the REST API. @@ -460,7 +456,7 @@ To onboard your NGINX App Protect WAF instances to Instance Manager, you need to 1. Use SSH to connect to the NGINX App Protect WAF instance. Take the steps below for each instance to download and install NGINX Agent from the management plane host. -1. Download the NGINX Agent package from the NGINX Management Suite host and run the agent install script. +1. Download the NGINX Agent package from the NGINX Instance Manager host and run the agent install script. {{< tip >}}You can add instances with the same version of NGINX App Protect installed to an instance group by running the agent install command on each instance with the optional `--instance-group`` flag.{{< /tip>}} {{< include "agent/installation/install-agent-api.md" >}} @@ -916,7 +912,7 @@ server { } ``` -{{< note >}}If you're using the NGINX Management Suite Security Monitoring module, you should already have the `app_protect_security_log` directive set to reference the `secops_dashboard.tgz` file as shown below. Do not change this setting. +{{< note >}}If you're using the Security Monitoring module, you should already have the `app_protect_security_log` directive set to reference the `secops_dashboard.tgz` file as shown below. Do not change this setting. ```nginx app_protect_security_log "/etc/nms/secops_dashboard.tgz" syslog:server=127.0.0.1:514; @@ -1054,11 +1050,11 @@ Once you have added the NGINX App Protect WAF directives to your NGINX configura If you're having issues with NGINX App Protect WAF, we suggest trying the following troubleshooting steps. If none of them helps, please reach out to NGINX Customer Support for further assistance.
-Verify that NGINX App Protect WAF is not installed on the NGINX Management Suite host +Verify that NGINX App Protect WAF is not installed on the NGINX Instance Manager host -To ensure no library conflicts arise when installing `nms-nap-compiler`, verify that NGINX App Protect WAF is not installed on the NGINX Management Suite host. You can do this by taking the following steps: +To ensure no library conflicts arise when installing `nms-nap-compiler`, verify that NGINX App Protect WAF is not installed on the NGINX Instance Manager host. You can do this by taking the following steps: -1. Open an SSH connection to your NGINX Management Suite host and log in. +1. Open an SSH connection to your NGINX Instance Manager host and log in. 2. Run the following command: - Debian-based distributions, run `dpkg -s app-protect` @@ -1075,7 +1071,7 @@ Each NGINX App Protect WAF version has a corresponding version of the WAF compil To view the installed version of the WAF compiler: -1. Open an SSH connection to your NGINX Management Suite host and log in. +1. Open an SSH connection to your NGINX Instance Manager host and log in. 2. Run the following command: ```shell @@ -1137,7 +1133,7 @@ extensions: nginx_app_protect: # Report interval for NGINX App Protect details - the frequency the NGINX Agent checks NGINX App Protect for changes. report_interval: 15s - # Enable precompiled publication from the NGINX Management Suite (true) or perform compilation on the data plane host (false). + # Enable precompiled publication from the NGINX Instance Manager (true) or perform compilation on the data plane host (false). precompiled_publication: true nap_monitoring: diff --git a/content/nim/nginx-app-protect/waf-config-management.md b/content/nim/nginx-app-protect/waf-config-management.md index 6f7543aaa..dc993a692 100644 --- a/content/nim/nginx-app-protect/waf-config-management.md +++ b/content/nim/nginx-app-protect/waf-config-management.md @@ -1,21 +1,19 @@ --- -description: Learn how to use NGINX Management Suite Instance Manager to publish NGINX - App Protect WAF configurations. -docs: DOCS-1114 -tags: -- docs title: WAF Configuration Management -toc: true weight: 100 +toc: true +type: how-to +product: NIM +docs: DOCS-1114 --- ## Overview -You can use NGINX Management Suite Instance Manager to publish configurations to your NGINX App Protect WAF data plane instances. +You can use NGINX Instance Manager to publish configurations to your NGINX App Protect WAF data plane instances. ## Publish WAF Configurations -1. Set up your NGINX Management Suite Instance Manager instance: +1. Set up your NGINX Instance Manager instance: - [Install the WAF Compiler]({{< relref "/nim/nginx-app-protect/setup-waf-config-management#install-the-waf-compiler" >}}) diff --git a/content/nim/nginx-configs/config-templates/how-to/manage-nginx-configs-with-templates.md b/content/nim/nginx-configs/config-templates/how-to/manage-nginx-configs-with-templates.md index 12dec5a1e..0c7d5b259 100644 --- a/content/nim/nginx-configs/config-templates/how-to/manage-nginx-configs-with-templates.md +++ b/content/nim/nginx-configs/config-templates/how-to/manage-nginx-configs-with-templates.md @@ -1,28 +1,10 @@ --- -title: "Manage NGINX configs with templates" -date: 2024-03-12T15:51:04-07:00 -# Change draft status to false to publish doc. -draft: false -# Description -# Add a short description (150 chars) for the doc. Include keywords for SEO. -# The description text appears in search results and at the top of the doc. -description: "" -# Assign weights in increments of 100 +title: Manage NGINX configs with templates weight: 200 toc: true -tags: [ "docs" ] -# Create a new entry in the Jira DOCS Catalog and add the ticket ID (DOCS-) below -docs: "DOCS-1506" -# Taxonomies -# These are pre-populated with all available terms for your convenience. -# Remove all terms that do not apply. -categories: ["installation", "platform management", "load balancing", "api management", "service mesh", "security", "analytics"] -doctypes: ["task"] -journeys: ["researching", "getting started", "using", "renewing", "self service"] -personas: ["devops", "netops", "secops", "support"] -versions: [] -authors: [] - +type: how-to +product: NIM +docs: DOCS-1506 --- ## Create a Config Template @@ -74,7 +56,7 @@ _Replace the placeholder values with the actual details of your template._ To import an existing template from a `.tar.gz` archive file: -1. Open your web browser, go to the Fully Qualified Domain Name (FQDN) of your NGINX Management Suite host, and log in. +1. Open your web browser, go to the Fully Qualified Domain Name (FQDN) of your NGINX Instance Manager host, and log in. 2. From the Launchpad menu, choose **Instance Manager**. 3. In the left navigation pane, select **Templates > Overview**. 4. On the Config Templates "Overview" page, select **Create**. @@ -90,7 +72,7 @@ To import an existing template from a `.tar.gz` archive file: To create a new config template: -1. Open your web browser, go to the Fully Qualified Domain Name (FQDN) of your NGINX Management Suite host, and log in. +1. Open your web browser, go to the Fully Qualified Domain Name (FQDN) of your NGINX Instance Manager host, and log in. 2. From the Launchpad menu, choose **Instance Manager**. 3. In the left navigation pane, select **Templates**. 4. On the Config Templates "Overview" page, select **Create**. @@ -134,7 +116,7 @@ Previewing a config from a template lets you see how your NGINX configurations w To preview, generate, and submit a config from a template: -1. Open your web browser, go to the Fully Qualified Domain Name (FQDN) of your NGINX Management Suite host, and log in. +1. Open your web browser, go to the Fully Qualified Domain Name (FQDN) of your NGINX Instance Manager host, and log in. 2. Select **Instance Manager** from the LaunchPad. 3. On the left sidebar, select **Templates**. 4. Locate the desired template on the "Overview" page and select the ellipsis (three dots) in the **Actions** column, then select **Preview and Generate**. @@ -162,7 +144,7 @@ When managing your NGINX configurations, you might find that certain parameters To edit a template submission: -1. Open your web browser, go to the Fully Qualified Domain Name (FQDN) of your NGINX Management Suite host, and log in. +1. Open your web browser, go to the Fully Qualified Domain Name (FQDN) of your NGINX Instance Manager host, and log in. 2. Select **Instance Manager** from the LaunchPad. 3. On the left sidebar, select **Template Submissions** to view a list of all template submissions. 4. Locate and select the template submission you want to edit. diff --git a/content/nim/nginx-configs/config-templates/how-to/rbac-config-templates-and-submissions.md b/content/nim/nginx-configs/config-templates/how-to/rbac-config-templates-and-submissions.md index 55c886792..a07679fbc 100644 --- a/content/nim/nginx-configs/config-templates/how-to/rbac-config-templates-and-submissions.md +++ b/content/nim/nginx-configs/config-templates/how-to/rbac-config-templates-and-submissions.md @@ -1,27 +1,10 @@ --- -title: "RBAC for config templates and submissions" -date: 2024-03-29T09:35:06-07:00 -# Change draft status to false to publish doc -draft: false -# Description -# Add a short description (150 chars) for the doc. Include keywords for SEO. -# The description text appears in search results and at the top of the doc. -description: "" -# Assign weights in increments of 100 +title: RBAC for config templates and submissions weight: 300 toc: true -tags: [ "docs" ] -# Create a new entry in the Jira DOCS Catalog and add the ticket ID (DOCS-) below -docs: "DOCS-1505" -# Taxonomies -# These are pre-populated with all available terms for your convenience. -# Remove all terms that do not apply. -categories: ["installation", "platform management", "load balancing", "api management", "service mesh", "security", "analytics"] -doctypes: ["tutorial"] -journeys: ["researching", "getting started", "using", "renewing", "self service"] -personas: ["devops", "netops", "secops", "support"] -versions: [] -authors: [] +type: how-to +product: NIM +docs: DOCS-1505 --- ## Overview @@ -37,7 +20,7 @@ With role-based access control (RBAC), administrators can determine who can crea To complete these steps, you need administrator access. -1. Open your web browser, go to the Fully Qualified Domain Name (FQDN) of your NGINX Management Suite host, and log in. +1. Open your web browser, go to the Fully Qualified Domain Name (FQDN) of your NGINX Instance Manager host, and log in. 2. Select **Settings** (gear icon) in the upper-right corner of the dashboard. diff --git a/content/nim/nginx-configs/config-templates/tutorials/round-robin-reverse-proxy.md b/content/nim/nginx-configs/config-templates/tutorials/round-robin-reverse-proxy.md index bd5d725b5..885f465c2 100644 --- a/content/nim/nginx-configs/config-templates/tutorials/round-robin-reverse-proxy.md +++ b/content/nim/nginx-configs/config-templates/tutorials/round-robin-reverse-proxy.md @@ -1,17 +1,10 @@ --- -title: "Round-robin reverse proxy with an augment template" -date: 2024-03-12T16:01:58-07:00 -draft: false -description: "Learn how to set up a round-robin reverse proxy using NGINX Instance Manager with base and augment templates." +title: Round-robin reverse proxy with an augment template weight: 100 toc: true -tags: [ "docs" ] -docs: "DOCS-1655" -categories: ["installation", "platform management", "load balancing", "api management", "service mesh", "security", "analytics"] -doctypes: ["tutorial"] -journeys: ["getting started", "using"] -versions: [] -authors: [] +type: tutorial +product: NIM +docs: DOCS-1655 --- ## Overview @@ -49,7 +42,7 @@ Before you start the tutorial, you should: In this section, you'll learn how to create a [base config template]({{< relref "nim/nginx-configs/config-templates/concepts/config-templates.md" >}}). -1. Open your web browser, go to the Fully Qualified Domain Name (FQDN) of your NGINX Management Suite host, and log in. +1. Open your web browser, go to the Fully Qualified Domain Name (FQDN) of your NGINX Instance Manager host, and log in. 2. From the Launchpad menu, choose **Instance Manager**. 3. On the left menu, select **Templates**. 4. Select **Create**. diff --git a/content/nim/nginx-instances/add-tags.md b/content/nim/nginx-instances/add-tags.md index df3b51ff8..035d95d77 100644 --- a/content/nim/nginx-instances/add-tags.md +++ b/content/nim/nginx-instances/add-tags.md @@ -1,13 +1,10 @@ --- -description: Follow the steps in this guide to create tags for organizing your instances. -docs: DOCS-829 -doctypes: -- tutorial -tags: -- docs title: Organize instances with tags -toc: true weight: 650 +toc: true +type: how-to +product: NIM +docs: DOCS-829 --- ## Overview @@ -43,7 +40,7 @@ To add tags to the configuration file, take the following steps: To add tags using the Instance Manager web interface, take the following steps: -1. In a web browser, go to the FQDN for your NGINX Management Suite host and log in. +1. In a web browser, go to the FQDN for your NGINX Instance Manager host and log in. 1. In the left menu, select **Instances**. diff --git a/content/nim/nginx-instances/manage-certificates.md b/content/nim/nginx-instances/manage-certificates.md index 2beeb7a4d..16a8c2785 100644 --- a/content/nim/nginx-instances/manage-certificates.md +++ b/content/nim/nginx-instances/manage-certificates.md @@ -1,12 +1,10 @@ --- -docs: DOCS-821 -doctypes: -- tutorial -tags: -- docs title: Manage SSL certificates -toc: true weight: 650 +toc: true +type: how-to +product: NIM +docs: DOCS-821 --- {{< include "nim/decoupling/note-legacy-nms-references.md" >}} @@ -159,7 +157,7 @@ To manage certificates securely, you should rotate encryption keys regularly or To rotate the certificate encryption key: -1. Open an SSH connection to the F5 NGINX Management Suite host. +1. Open an SSH connection to the F5 NGINX Instance Manager host. 2. Run the following command to stop the `nms` service: ```bash diff --git a/content/nim/nginx-instances/manage-instance-groups.md b/content/nim/nginx-instances/manage-instance-groups.md index 2524c3e28..3d4d7e853 100644 --- a/content/nim/nginx-instances/manage-instance-groups.md +++ b/content/nim/nginx-instances/manage-instance-groups.md @@ -1,14 +1,10 @@ --- -description: Learn how to use F5 NGINX Management Suite Instance Manager to create instance - groups, which you can use to manage multiple NGINX instances as a single entity. -docs: DOCS-935 -doctypes: -- tutorial -tags: -- docs title: Create and manage instance groups -toc: true weight: 600 +toc: true +type: how-to +product: NIM +docs: DOCS-935 --- ## Overview diff --git a/content/nim/nginx-instances/scan-instances.md b/content/nim/nginx-instances/scan-instances.md index 31fd53d7f..67bae1bb3 100644 --- a/content/nim/nginx-instances/scan-instances.md +++ b/content/nim/nginx-instances/scan-instances.md @@ -1,20 +1,12 @@ --- -description: Follow the steps in this guide to scan for and discover NGINX instances. -docs: DOCS-828 -doctypes: -- tutorial -tags: -- docs title: Scan and discover NGINX instances -toc: true weight: 110 +toc: true +typo: how-to +product: NIM +docs: DOCS-828 --- - - {{< shortversions "2.0.0" "latest" "nimvers" >}} ## Prerequisites {#prerequisites} @@ -40,7 +32,7 @@ If no host discovery options are provided, Instance Manager sends an ICMP echo r ## Scan using the web interface {#scan-ui} -1. In a web browser, go to the FQDN for your F5 NGINX Management Suite host and log in. +1. In a web browser, go to the FQDN for your F5 NGINX Instance Manager host and log in. 2. In the left menu, select **Scan**. 3. Enter subnets and masks that correspond to your network. diff --git a/content/nim/troubleshooting.md b/content/nim/troubleshooting.md index 71630f8da..987c7d9c5 100644 --- a/content/nim/troubleshooting.md +++ b/content/nim/troubleshooting.md @@ -1,15 +1,11 @@ --- -description: This topic describes possible issues users might encounter when using - Instance Manager. When possible, suggested workarounds are provided. -docs: DOCS-1224 -doctypes: -- reference -tags: -- docs title: Troubleshooting -toc: true weight: 1000 +toc: true draft: true +type: how-to +product: NIM +docs: DOCS-1224 --- ## New NGINX instances don't show up in Instance Manager @@ -104,7 +100,7 @@ When attempting to upgrade Instance Manager on a Debian-based system, the comman To manually update the public key, take the following steps: -1. Download a new key from the NGINX Management Suite host: +1. Download a new key from the Instance Manager host: - Secure: