Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters

Articles

Sort results

A Catch from the Codeshare: Let's Encrypt

Let's Encrypt is an ambitious free and open certificate authority, this article highlights a clever solution for maintaining it on BIG-IP... Read more
1 Review

BIG-IP APMとPassLogicを連携させて端末固有情報の登録を自動化する方法

Technorati タグ: APM,BIG-IP,iRules   SSLVPN利用基盤の構築においてクライアント証明書を用いずにデバイスの制限を簡易な運用で実現できる仕組みを検討されており、下記のような要件があったとします... Read more
1 Review

David Holmes Greatest Hits, 2015 Edition

The complete list of everything authored by yours truly in 2015. Except the NC-17 stuff, which they told me been told should remain un-promoted. Read more
0 Reviews

Two-Factor Authentication – Remote Desktop Gateway

Technical Challenge Recently I touched on a problem that F5 IT was facing with Two-Factor Authentication (TFA) and VPN clients that didn’t support it (Two-Factor Authentication - Captive Portal). I figured this would be a great opportunity to talk... Read more
1 Review

Getting Around the Logon/Legal Banner Issues when using APM PCoIP Proxy and Horizon

If you're using APM's PCoIP Proxy and require a logon banner, you've probably figured out that the PCoIP Proxy integration stops working when you turn on the integrated logon banner from within the Horizon Administrator. Adding to the... Read more
Average Rating: 4.9
3 Reviews

Two-Factor Authentication – Captive Portal

Technical Challenge F5 like most large enterprises organizations require Two-Factor Authentication (TFA) for employee remote connectivity. To meet this requirement IT integrated BIG-IP Access Policy Manager with a third-party vendor that provides... Read more
Average Rating: 4.7
14 Reviews

Mitigating BIND CVE-2015-5477 with iRules

While SOL16909: BIND vulnerability CVE-2015-5477 is the official SOL, and the best mitigation is, of course, upgrading to a fixed versions of TMOS, what if you can't upgrade right now?  The best option is to not use BIND at all.... Read more
Average Rating: 4.9
7 Reviews

WhiteBoard Wednesday: HTTP Strict Transport Security

In this edition of Whiteboard Wednesday, we discuss the topic of HTTP Strict Transport Security (HSTS).  This interconnected world is quickly moving toward encrypting everything, and it's nice to know some of the capabilities that are... Read more
1 Review

Security iRules

Ever wonder what iRules have to do with security? Check out these iRules! Enhance Protection from Targeted Attacks HashDos Defender – This iRule guards against Hash collision “HashDoS” attacks through HTTP POST Parameters. By enabling F5®... Read more
Average Rating: 4.4
5 Reviews

Optimizing the CVE-2015-1635 iRule

A couple days ago an iRule was published that mitigates Microsoft’s HTTP.sys vulnerability described in CVE-2015-1635 and MS15-034. It’s a short rule, but it features the dreaded regex. Every time I get the chance at user groups, conferences,... Read more
2 Reviews

Using iRules to mitigate Microsoft's MS15-034 / CVE-2015-1635 Range vulnerability

As more information becomes available regarding the recently published Range vulnerability affecting Microsoft platforms (see MS15-034and CVE-2015-1635), you can start mitigating your backend applications using the following iRule that... Read more
Average Rating: 4.5
6 Reviews

DNS Interception: Protecting the Client

Introduction Everything starts with a DNS request. So why not use it to protect the client? With the recent addition of Secure Web Gateway Services to the F5 line up of modules in TMOS 11.5, it provided the ability to access a URL Categorization... Read more
Average Rating: 4.9
5 Reviews

US FEDERAL: Enabling Kerberos for Smartcard Authentication to Apache.

The following provides guidance on the configuration of BIG-IP Local Traffic Manager and Access Policy Manager in support of Apache Web Server Smartcard / Kerberos access using Active Directory as the Key Distribution Center.  This content is... Read more
2 Reviews

DevCentral Top 5: Feb 25, 2015

The articles on DevCentral have been absolutely fantastic as of late.  Understandably, readers can expect to find great F5-related technical content here at DevCentral, but several industry-relevant pieces are also found in this... Read more
1 Review

IE Universal XSS Vulnerability Mitigation

An article on CIO.com yesterday discussed an easy attack vector on IE 11 on Windows 8.1, but it works on my Windows 7 with IE 10 as well. To see the (benign) attack in action, follow these steps: In IE, go to... Read more
1 Review

BIG-IQ Grows UP

Today F5 is announcing a new F5® BIG-IQ™ 4.5. This release includes a new BIG-IQ component – BIG-IQ ADC. Version 4.5 isn't just another dot release. IMHO, this release should have been numbered 5.0. With this release, BIG-IQ is finally... Read more
2 Reviews

Security Irules 101: Engage Cloak!

Introduction iRules are a powerful tool in the F5 administrators arsenal. They allow administrators to adapt and customize the F5 to their needs. They provide extensive power for security engineers as well. We’ve decided it’s time to revisi... Read more
0 Reviews

Security Irules 101: You can’t always get what you want.. or can you?

Introduction iRules are a powerful tool in the F5 administrators arsenal. They allow administrators to adapt and customize the F5 to their needs.  They provide extensive power for security engineers as well. We’ve decided it’s tim... Read more
Average Rating: 4.9
3 Reviews

20 Lines or Less #82

What could you do with your code in 20 Lines or Less? That's the question we like to ask from, for, and of (feel free to insert your favorite preposition here) the DevCentral community, and every time we do, we go looking to find cool new... Read more
1 Review

iRule to stop SSLv3 connections

The below iRule written by my team will stop all SSLv3 connections. If you are not using the SSL termination capabilities of your BIG-IP and instead are doing TCP load balancing, then the iRule will protect your servers from the POODLE attack.If... Read more
Average Rating: 4.9
10 Reviews

DevCentral Top 5: Oct 6, 2014

These past two weeks have proven to be more than eventful with the "shock"ing discovery of a critical bash vulnerability that stole the security headlines for several days.  Times like these might have you repeating the words of the... Read more
2 Reviews

Shellshock mitigation with BIG-IP iRules

This article illustrates how to mitigate the CVE-2014-6271 Shellshocked vulnerability with F5 iRules. Read more
Average Rating: 4.8
12 Reviews

F5 Synthesis: Hybrid to the Core

#SDAS #SDN #Cloud #SSL #HTTP2.0 F5 continues to pave the way for business to adopt disruptive technologies without, well, as much disruption. The term hybrid is somewhat misleading. In the original sense of the word, it means to bring together... Read more
0 Reviews

DNS iRules: Protect Yourself From "ANY" Amplification Attacks

This is the latest in a series of DNS articles that I've been writing over the past couple of months.  I started out writing about the basics of DNS and then dug into some cool DNS features on the BIG-IP.  But I wanted to spend a... Read more
1 Review