Configurational Classes

🚧

PII (Personally Identifiable Information) Anonymization

Personally Identifiable Information (PII) is information that can be used on its own or with other information to identify a single person, or to identify an individual in context.

It is important for us to keep personal private information out of our servers. Therefore, by default, we do not send the request body and cookies to PerimeterX backend servers, the entire communication is based on headers data.

PII is not a recommended setting. If PII is essential for your organization, contact PerimeterX Support.

When PII is enabled, PerimeterX does not store a client’s full IP information (Client IP, HTTP Headers). In IPv4 this is done by zeroing 4th IP octet (for example, the IP 1.2.3.4 will be stored as 1.2.3.0). In IPv6 this is done by zeroing the last four (4) octets (for example, the IP 1:2:3:4:1:2:3:4 will be stored as 1:2:3:4:1:2:3:0).
Removing the IP's last octet can result small reduction of detection capability, usually for the models and signatures that are based on IPs.

The PerimeterX BigIP module allows you to set a number of configurational classes as follows:

Whitelist Routes

  1. On Local Traffic > iRules > Data Group List create a new Data Group.
  2. Set the Name to px_<APP_ID>_whitelisted_routes. Make sure to replace <APP_ID> with your PerimeterX app id.
  3. Set Type to String.
  4. For each route you wish to allow, set the String property of String Record to the prefix of the route and click Add.
  5. Click Finished.
  6. On the iRule, make sure the value of whitelisted_routes_class directive is the same as the name you provided in step 2.

Specific Routes

  1. On Local Traffic > iRules > Data Group List create a new Data Group.
  2. Set the Name to px_<APP_ID>_specific_routes. Make sure to replace <APP_ID> with your PerimeterX app id.
  3. Set Type to String.
  4. For each route you wish to allow, set the String property of String Record to the prefix of the route and click Add.
  5. Click Finished.
  6. On the iRule, make sure the value of specific_routes_class directive is the same as the name you provided in step 2.

Sensitive Routes

  1. On Local Traffic > iRules > Data Group List create a new Data Group.
  2. Set the Name to px_<APP_ID>_sensitive_routes. Make sure to replace <APP_ID> with your PerimeterX app id.
  3. Set Type to String.
  4. For each route you wish to allow, set the String property of String Record to the prefix of the route and click Add.
  5. Click Finished.
  6. On the iRule, make sure the value of sensitive_routes_class directive is the same as the name you provided in step 2.

Did this page help you?