Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters

Articles

Sort results

Configuring Smart Card Authentication and Kerberos Constrained Delegation in F5 Access Policy Manager (APM)

In previous articles, we have discussed the use of F5 BIG-IP as a SSL VPN and then followed up by adding endpoint security to the same Access Profile configuration we used for VPN access. I now wanted to take some time to discuss a use case that... Read more
1 Review

Lightboard Lessons: Introducing F5 DataSafe

F5 DataSafe protects data and credentials entered into sensitive fields in your web application by encrypting data at the application layer on the client side... Read more
2 Reviews

DevCentral's Featured Member for July - Rhazi Youssef

Our Featured Member series is a way for us to show appreciation and highlight active contributors in our community. Communities thrive on interaction and our Featured Series gives you some insight on some of our most active folks. Rhazi Youssef... Read more
Average Rating: 4.9
4 Reviews

Configuring Endpoint Security (Client-Side) Using F5 Access Policy Manager (APM)

In a previous article we discussed how to configure the BIG-IP as an SSL VPN solution. I wanted to take this and go a bit further by adding additional security to this solution by requiring certain end point settings, services or even updates be... Read more
Average Rating: 4.0
4 Reviews

Achieving firewall high-availability in Azure with F5

This article focuses on load balancing firewalls, achieving high availability, and protecting inbound non-HTTPS traffic, as well as outbound traffic in Microsoft Azure Read more
1 Review

Lightboard Lessons: The TLS 1.3 Handshake

The handshake process between client and server has changed dramatically with the new TLS 1.3 protocol. The new process is much more efficient and allows encrypted application data to flow much faster than in previous versions... Read more
1 Review

Lightboard Lessons: What Are AEAD Ciphers?

The recent TLS 1.3 protocol mandates Authenticated Encryption with Associated Data (AEAD) Ciphers for bulk encryption. As web servers and browsers transition to using these ciphers, it's important to know what they are and how they work... Read more
Average Rating: 4.8
4 Reviews

New BIG-IP ASM v13 WordPress v4.9 Ready Template

F5 has created a specialized ASM template to simplify the configuration process of WordPress v4.9 with the new version of BIG-IP 13.x Click here to access the .zip file that contains the template:  WordPress v4.9 ASM Template for BIG-IP... Read more
0 Reviews

Configuring Smart Card Authentication to BIG-IP Management Interface

How do we smart card enable our BIG-IP management interface? DevCentral shows how it's done. I will also share some troubleshooting steps, logs and tools I used to overcome my issues while attempting this. So, with that, let's get started. Read more
2 Reviews

New BIG-IP ASM v13 Drupal v8 Ready Template

ASM Ready Template update for Drupal v8 include Goal/Deployment steps Read more
0 Reviews

Remote Code Execution with Spring OAuth Extension (CVE-2018-1260)

Recently, a new Remote Code Execution vulnerability in Spring OAuth extension was published by Pivotal. The OAuth Protocol OAuth is a protocol that supports authorization processes by enabling users to share their data and resources stored on... Read more
0 Reviews

Lightboard Lessons: Explaining TLS 1.3

The newest version of the TLS protocol was recently approved by the Internet Engineering Task Force -- TLS 1.3. There are several key changes in this protocol... Read more
Average Rating: 4.9
7 Reviews

AppSec Made Easy: Credential Protection

Learn how to use the F5 Advanced Web Application Firewall to protect your credentials. Identities are the keys to our applications and criminals can steal them right from the browser. DataSafe protects the credentials at the most vulnerable point. Read more
1 Review

AppSec Made Easy: L7 Behavioral DoS

Learn how to use the F5 Advanced Web Application Firewall to easily implement Behavioral DoS protections for your application using dynamic signatures to reduce false positives and automate protection. Read more
1 Review

AppSec Made Easy: Anti-Bot for Mobile APIs

Learn how to use the F5 Advanced Web Application Firewall to easily lock down your applications so that bots can’t attack your mobile APIs. This video will show you the quick way to add anti-bot and other protections directly into your mobile app. Read more
Average Rating: 4.9
4 Reviews

Lightboard Lessons: F5 DDoS Hybrid Defender

DDoS Hybrid Defender (DHD) is a purpose-built hybrid solution that provides comprehensive L3-7 DDoS mitigation, to prevent network, application, and volumetric attacks... Read more
0 Reviews

Lightboard Lessons: Introducing the F5 Advanced WAF

The F5 Advanced Web Application Firewall (WAF) provides a powerful set of security features that will keep your Web Applications safe from attack... Read more
1 Review

AppSec Made Easy: Proactive Bot Defense

Learn how to use the F5 Advanced Web Application Firewall to easily protect your applications against bots. Bots can be used as tools for a variety of attacks such as DoS, credential stuffing and brute force, or web scraping. Read more
Average Rating: 4.8
4 Reviews

Drupal Core Remote Code Execution (CVE-2018-7602)

A new critical Remote Code Execution vulnerability in Drupal core was published. This new vulnerability is similar to CVE-2018-7600, also known as “Drupalgeddon 2”. It was found that the sanitation function that was added to address the... Read more
0 Reviews

Intelligent Proxy Steering - Office365

Introduction This solution started back in May 2015 when I was helping a customer bypass their forward proxy servers due to the significant increase in the number of client connections after moving to Office365. Luckily for them, they have a... Read more
Average Rating: 4.9
3 Reviews

Directory Traversal with Spring MVC on Windows (CVE-2018-1271)

Recently a directory traversal vulnerability in the Spring Framework was published (CVE-2018-1271). The Spring application will only be vulnerable when it is deployed on a Microsoft Windows based operating system and the application developer uses... Read more
0 Reviews

PEM: Subscriber-Aware Policy and Why Every Large Network Needs One

Previous post “PEM: Key Component of the  Next Generation University Network” provided a high-level overview of several Policy Enforcement Manager features which help K-12 Schools, Colleges and Universities transform their Networks into... Read more
Average Rating: 4.9
3 Reviews

Remote Code Execution with Spring Data Commons (CVE-2018-1273)

In the recent days another critical vulnerability in Spring Framework was published (CVE-2018-1273). This time the vulnerable component is Spring Data Commons. Spring Data component goal is to provide a common API for accessing NoSQL and... Read more
0 Reviews

Lightboard Lessons: What is a Web Application Firewall (WAF)?

Traditional network firewalls (Layer 3-4) do a great job preventing outsiders from accessing internal networks. But, these firewalls offer little to no support in the protection of application layer traffic... Read more
Average Rating: 4.9
3 Reviews

Unbreaking the Internet and Converting Protocols

When CloudFlare took over 1.1.1.1 for their DNS service; this got be thinking about a couple of issues:What do you do if you’ve been using 1.1.1.1 on your network, how do you unbreak the Internet?How can you enable use of DNS over TLS for clients... Read more
Average Rating: 4.9
3 Reviews