Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral


Entries for December 2011

#infosec #fasterapp This video sets the stage for IT having to manage multiple networking challenges when faced with a natural disaster causing their data center to shut down. With careful planning, the evolution of the network and application delivery allows the single point of control to automate, provision and secure their virtual and cloud environments. The F5 Dynamic Data Center Resources F5 Security Vignette: Proactive Security F5 Security Vignette: DNSSEC Wrapping F5 Se...
#infosec #cybersecurity Security is a never ending battle. The bad guys advance, we counter, they cross over ... you're just never done. To give our side an edge we do a lot of research.  If we were going to sum up the role of security in corporate IT today we'd have to say it's to "be prepared." This series looks at many of those security concerns which can be addressed proactively, before they are exploited or become a fire drill. F5 Security Vignette: iHealth   Related: F5 Security ...
#infosec If we were going to sum up the role of security in corporate IT today we'd have to say it's to "be prepared." This series looks at many of those security concerns which can be addressed proactively, before they are exploited or become a fire drill. When we hear about an Apache vulnerability, it gets our attention. In this case the issue was the way Apache handles HTTP RANGE headers, which are used to request individual sub-ranges of a given response, instead of the entire response. T...
The consequences of exposing hundreds of thousands of customer credit card numbers is unthinkable. Fines, lawsuits, damaged brand -- the effects can be catastrophic. Even if it was accidental, the effect would be the same. If we were going to sum up the role of security in corporate IT today we'd have to say it's to "be prepared." This series looks at many of those security concerns which can be addressed proactively, before they are exploited or become a fire drill. F5 Security Vignette: Cred...
The premise of the SSL Renegotiation DOS attack is simple: "An SSL/TLS handshake requires at least 10 times more processing power on the server than on the client". If a client machine and server machine were equal in RSA processing power, the client could overwhelm the server by sending ten times as many SSL handshake requests as the server could service. The counter measure against the attacks was to write an iRule to limit renegotiation requests to 5 per minute per session. If we were going...
#mobile For IT and security professionals, Android 4.x (Ice Cream Sandwich) is a big deal For most people (who don’t live in the midwest), talking Ice Cream in the middle of the winter may be a bit odd, unless you’re talking about Google’s latest Android release (4.x). “Ice Cream Sandwich” is an important step forward for the mobile operating system platform in that it includes much needed enterprise security features including support for MDMs and a SSL-VPN Framework. This is an important...
If we were going to sum up the role of security in corporate IT today we'd have to say it's to "be prepared." This series looks at many of those security concerns which can be addressed proactively, before they are exploited or become a fire drill.  The F5 Security Vignette series looks at various security concerns, vulnerabilities and attacks which can cause headaches for Corporate IT and the business integrity overall. F5 Security Vignette: Hacktivism Attack   Related Resources: F5 Secu...
Answer: All the time #infosec Despite the fact that web application firewall (WAF) solutions have been around for quite a number of years, there still seems to be confusion around what it is they do. In particular, there’s a troubling trend that tries to compare WAF with IPS (Intrusion Prevention Systems). This is essentially the same as trying to shove a square peg into a round hole. Or, if you prefer, viewing everything as a nail because all you have is a hammer. While it is true that IP...
The dirty little secret of the Internet is how insecure DNS really is. The good news is, there's a solution -- DNSSEC. It secures the DNS query and response process.  The F5 Security Vignette series looks at various security concerns, vulnerabilities and attacks which can cause headaches for Corporate IT and the business integrity overall. F5 DNSSEC Wrapping   Resources: F5 Security Vignette: Proactive Security  F5 YouTube Channel  Latest F5 Information F5 News Articles ...
articlesslsecurityhardwarevideof5 newsf5news December 01, 2011 by F5 News
#infosec Security is such a small word considering the breadth of concerns it must address. Welcome to the F5 Security Vignette series, in which we’ll look at various security concerns, vulnerabilities and attacks which can cause headaches for Corporate IT and the business integrity overall. If we were going to sum up the role of security in corporate IT today we’d have to say it’s to “be prepared.” This series looks at many of those security concerns which can be addressed proactively, before...