Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology

Articles

Sort results

iControl REST 101: Getting Started

So you’ve heard of this iControl REST thing, have you? You’re excited at the idea of a simple, light weight API that allows you programmatic access via tried and true tmsh commands with which you may already be familiar? Whether it was in the... Read more
Average Rating: 5.0
12 Reviews

F5 Security on Owasp Top 10

Everyone is familiar with the Owasp Top 10. Below, you will find some notes on the Top 10, as well as ways to mitigate these potential threats to your environment.  You can... Read more
Average Rating: 4.9
10 Reviews

Cipher Suite Practices and Pitfalls

Cipher Suite Practices and Pitfalls It seems like every time you turn around there is a new vulnerability to deal with, and some of them, such as Sweet32, have required altering cipher configurations for mitigation.  Still other users may... Read more
Average Rating: 4.9
9 Reviews

Security Sidebar: Improving Your SSL Labs Test Grade

Encrypt everything.  That's what Google Chairman Eric Schmidt said back in November of last year.  His comments were in response to various surveillance efforts that he considered government overreach and censorship.  His... Read more
Average Rating: 4.9
9 Reviews

Advanced iRules: Getting Started with iRules Procedures

As Colin so eloquently puts it in the procs overview in the iRules wiki: "Ladies and gentlemen, procs are now supported in iRules!" Yes, the rumors are true. As of BIG-IP version 11.4, you can move all that repetitive code into... Read more
Average Rating: 4.9
9 Reviews

#The101: Variables

If you've been following along in the new #The101: iRules series, it's time to add another building block to the framework of what iRules are and can do. If you're new, it would behoove you to start at the beginning and catch up. S... Read more
Average Rating: 4.9
9 Reviews

SSL Profiles Part 2: Certificates

This is part 2 in a series of tech tips on the F5 BIG-IP LTM SSL profiles. SSL Profiles: Part 1 SSL Profiles: Part 2 SSL Profiles: Part 3 SSL Profiles: Part 4   In part 1, we covered the basics of the TLS handshakes and th... Read more
Average Rating: 4.9
9 Reviews

Real Cryptography Has Curves: Making The Case For ECC

Consider yourself a fascinating person if you have ever heard the term Elliptic Curve Cryptography (ECC). Consider yourself a cryptographic crackerjack if you actually know what it does and how it all works. If you are a mere mortal like the rest of us, you might not understand every single aspect of ECC. Read more
Average Rating: 4.9
8 Reviews

Getting FREAK-y with BIG-IP

Since it’s been about 3 months since POODLE, we’re clearly overdue for another major vulnerability in SSL and/or TLS. Fortunately for us, the research team at SmackTLS has released details of the FREAK attack (aka OpenSSL CVE-2015-0204). We... Read more
Average Rating: 4.9
8 Reviews

iRule to stop SSLv3 connections

The below iRule written by my team will stop all SSLv3 connections. If you are not using the SSL termination capabilities of your BIG-IP and instead are doing TCP load balancing, then the iRule will protect your servers from the POODLE attack.If... Read more
Average Rating: 4.9
8 Reviews

v11.1–External File Access from iRules via iFiles

New in BIG-IP version 11.1 are iFiles, a feature that allows users to load files through tmsh or the GUI onto the BIG-IP which can be referenced from iRules. This has an immediate use case of supplanting several of our codeshare entries for sorr... Read more
Average Rating: 4.9
8 Reviews

iRules 101 - #17 – Mapping Protocol Fields with the Binary Scan Command

Introduction An iRule is a powerful and flexible feature of BIG-IP devices based on F5's exclusive TMOS architecture.  iRules provide you with unprecedented control to directly manipulate and manage any IP application traffic. ... Read more
Average Rating: 4.9
8 Reviews

iRules 101 - #11 - Events

The cornerstone of an iRule is the event.  An event is an iRule extension to TCL that enables modular based programming by allowing one to write code that executes only within the context of a certain state of a connection.  This article... Read more
Average Rating: 4.9
8 Reviews

iRule Security 101 - #06 - HTTP Referer

In this article, I'm going to talk about the HTTP "Referer" header, how it's used, and how you can use iRules to ensure that an access request to a website is coming from where you want it to come from. Other articles in the... Read more
Average Rating: 4.9
8 Reviews

HEIST Vulnerability – Overview and BIG-IP Mitigation

An interesting topic was talked about in the recent Black Hat conference. It is a new attack called HEIST (HTTP Encrypted Information can be Stolen through TCP-windows) which demonstrates how to extract sensitive data from any authenticated... Read more
Average Rating: 4.9
7 Reviews

iHealth Upgrade Advisor: Making upgrades a little easier

Whether it is upgrading the firmware on a switch, the OS on a server, an important business application or the software on a BIG-IP, performing upgrades is something that makes almost all IT Admins and Network Engineers nervous. We’ve learned from... Read more
Average Rating: 4.9
7 Reviews

Mitigating BIND CVE-2015-5477 with iRules

While SOL16909: BIND vulnerability CVE-2015-5477 is the official SOL, and the best mitigation is, of course, upgrading to a fixed versions of TMOS, what if you can't upgrade right now?  The best option is to not use BIND at all.... Read more
Average Rating: 4.9
7 Reviews

ASM – Rapid Deployment

Hallo liebe Leser, heute möchte ich mich einem ASM (Application Security Manager) Thema, also der WebApplication Firewall von F5 widmen. Sehr oft erlebe ich bei Kunden die Anforderung Webapplikationen vor Angriffen zu schützen. ... Read more
Average Rating: 4.9
7 Reviews

SDN: Ask why, not what!

The problem A lot of vendors have an SDN strategy. Unfortunately, our customers tell us that these strategies tend to vary in coherency. SDN does have a place but there is a danger of it becoming a solution in search of a problem. Consequently,... Read more
Average Rating: 4.9
7 Reviews

The BIG-IP Application Security Manager Part 3: The Importance of File Types, Parameters, and URLs

This is the third article in a 10-part series on the BIG-IP Application Security Manager (ASM). The first two articles in this series are: What is the BIG-IP ASM? Policy Building This third article in the series will discuss the importance... Read more
Average Rating: 4.9
7 Reviews

One Time Passwords via an SMS Gateway with BIG-IP Access Policy Manager

One time passwords, or OTP, are used (as the name indicates) for a single session or transaction.  The plus side is a more secure deployment, the downside is two-fold—first, most solutions involve a token system, which is costly i... Read more
Average Rating: 4.9
7 Reviews

HTTP Basic Access Authentication iRule Style

I started working on an administrator control panel for my previous Small URL Generator Tech Tip (part 1 and part 2) and realized that we probably didn’t want to make our Small URL statistics and controls viewable by everyone. That led me to make... Read more
Average Rating: 4.9
7 Reviews

iRules 101 - #06 - When

In the first part of this series, we discussed the various components of an iRule and specifically how we have implemented the concept of events in the TCL language.  The "when" command is used to define a block of code associated... Read more
Average Rating: 4.9
7 Reviews

iRules 101 - #03 - Variables

As you're beginning to get more comfortable reading and writing iRules, you're going to continue expanding your toolbox as well as the tasks you're going to tackle. If your experience is anything like mine then sooner, rather than... Read more
Average Rating: 4.9
7 Reviews

Nessus 6 XSLT Conversion for ASM Generic Scanner Import

Nessus 6 XSLT Conversion for ASM Generic Scanner Schema Import Read more
Average Rating: 4.9
6 Reviews