Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral


articleaccesssecurityf5 April 15, 2014 by Peter Silva
This past weekend, like many of you, I started getting the blood curdling password resets from a bunch of OpenSSL affected sites. I also got a few emails from sites indicating that I had nothing to worry about. Bad news, good news. Probably the biggest security story thus far for 2014 is Heartbleed, the OpenSSL vulnerability which potentially allows attackers to extract 64 kilobyte batches of memory at random without being noticed and leaving no trace. Sounds like the perfect crime. It also got...
articlesecuritysystem.string[] April 15, 2014 by Lori MacVittie
#heartbleed #infosec #SSL There are a variety of opinions on the seriousness of Heartbleed being put forth ranging from "it's not the end of the world" to "the sky is falling, duck and cover." Usually the former cites the relatively low percentage of sites impacted by Heartbleed, pegged at about 17% or 500,000 sites by Netcraft. The latter cite the number of consumers impacted, which is a way bigger number to be sure. Sites tracking the impact to users suggest many of the largest sites have pote...
The proliferation of Bring Your Own Device (BYOD) or the ability to respond to spurs in Internet or Web traffic is driving a shift in end-user expectations and business demands. According to Frost and Sullivan, the number of connected devices that are encompassed within the Internet of Things will be close to 80 billion by 2020 globally. The number of applications delivered within an enterprise is anywhere up to 1,000 according to Morgan Stanley. The increasing number of applications infiltra...
#devops #SDN The importance of APIs and programmable data paths to the future of networking.   OpenStack. OpenDaylight. SDN. Cloud. It's all about abstraction, about APIs and "software-defined" (which really means software-controlled, but this is neither the time or place to get into that debate). It's about jailbreaking the network. Enabling access to features and functionality in a way that results in new services, increased responsiveness and overall, the operationalization of the net...
#IPS #Infosec #F5 #SDAS Despite claims that there exists (or will, look out!) a mythical "god box" for the enterprise data center, capable of performing every data center function imaginable, it remains, well, mythical. Efforts to effectively secure the data center and the applications it delivers therefore requires a collaborative approach between best-of-breed technologies. But if collaboration across functional IT groups - development, operations, network and security - remains as elusive a...
For those of you tuning in to learn more about the OpenSSL Heartbleed vulnerability, here are more details about it and how F5 customers are protected. The iRule below mitigates the Heartbleed vulnerability for virtual servers that do not use SSL termination.   This iRule is very similar to the client iRule, except it watches the server responses searching for a heartbeat. If it sees one that is longer than 128 bytes, it rejects the connection. As TCP segments arrive...
articleapmaccess April 10, 2014 by Cody Green
In Part 1 we discussed how to configure APM to leverage iOS 7 Per app VPN.  In Part 2 we'll discuss how to configure AirWatch to take advantage of these features for your iOS device.  This configuration was performed using the AirWatch SaaS offering but on-premise configuration should be almost identical.  Create Device Profile1. Create an AirWatch device profile 2. Set your general information for the profile like minimum OS type. 3. Configure the VPN settings:Enter the server UR...
As an APM subject mater expert at F5 I often find myself in situations where a customer or colleague needs an example of a particular configuration.  While most of these requests are easily handled with a call or WebEx I'm a firm believer in sharing knowledge through documentation.. and I don't like getting calls at 3 AM.If you're like me you grew up with the O'Reilly Cookbook series which served as a great reference document for various development or server configuration tasks.  My g...
The security landscape today is highly complex, which can largely be attributed to the increasingly sophisticated nature of cyber attacks, particularly from an execution perspective. For example, DDoS attacks are now reaching speeds of up to 400Gbps, targeting both the network and application layer. Evidently, attackers are progressing towards other methods to bypass traditional security defenses, including the firewall.  In this particular scenario, the challenge for organisations ...
For those of you tuning in to learn more about the OpenSSL Heartbleed vulnerability, here are more details about it and how F5 customers are protected. The iRule below mitigates the Heartbleed vulnerability for virtual servers that do not use SSL termination.   This iRule will find any heartbeat request from a client and close the connection immediately. We believe this is an effective mitigation because we have not seen any clients that send a valid heartbeat request, even ...
Page 1 of 488First   Previous   [1]  2  3  4  5  6  7  8  9  10  Next   Last