Contents x
    Configurational Classes
    • 09 Nov 2023
    • Print
    • Dark
      Light
    Contents

    Configurational Classes

    • Updated on 09 Nov 2023
    • Print
    • Dark
      Light
    Article Summary

    PII (Personally Identifiable Information) Anonyization

    Personally Identifiable Information (PII) is information that can be used on its own or with other information to identify a single person, or to identify an individual in context.

    It is important for us to keep personal private information out of our servers. Therefore, by default, we do not send the request body and cookies to HUMAN backend servers, the entire communication is based on headers data.

    PII is not a recommended setting. If PII is essential for your organization, contact HUMAN Support.

    When PII is enabled, HUMAN does not store a client’s full IP information (Client IP, HTTP Headers). In IPv4 this is done by zeroing 4th IP octet (for example, the IP 1.2.3.4 will be stored as 1.2.3.0). In IPv6 this is done by zeroing the last four (4) octets (for example, the IP 1:2:3:4:1:2:3:4 will be stored as 1:2:3:4:1:2:3:0).
    Removing the IP's last octet can result small reduction of detection capability, usually for the models and signatures that are based on IPs.

    The HUMAN BigIP module allows you to set a number of configurational classes as follows:

    Whitelist Routes

    1. On Local Traffic > iRules > Data Group List create a new Data Group.
    2. Set the Name to px_<APP_ID>_whitelisted_routes. Make sure to replace <APP_ID> with your HUMAN app id.
    3. Set Type to String.
    4. For each route you wish to allow, set the String property of String Record to the prefix of the route and click Add.
    5. Click Finished.
    6. On the iRule, make sure the value of whitelisted_routes_class directive is the same as the name you provided in step 2.

    Specific Routes

    1. On Local Traffic > iRules > Data Group List create a new Data Group.
    2. Set the Name to px_<APP_ID>_specific_routes. Make sure to replace <APP_ID> with your HUMAN app id.
    3. Set Type to String.
    4. For each route you wish to allow, set the String property of String Record to the prefix of the route and click Add.
    5. Click Finished.
    6. On the iRule, make sure the value of specific_routes_class directive is the same as the name you provided in step 2.

    Sensitive Routes

    1. On Local Traffic > iRules > Data Group List create a new Data Group.
    2. Set the Name to px_<APP_ID>_sensitive_routes. Make sure to replace <APP_ID> with your HUMAN app id.
    3. Set Type to String.
    4. For each route you wish to allow, set the String property of String Record to the prefix of the route and click Add.
    5. Click Finished.
    6. On the iRule, make sure the value of sensitive_routes_class directive is the same as the name you provided in step 2.
    Was this article helpful?
    What's Next