This is adapated from the original post by Matt Miller. 今天的安全局勢具有高度複雜化的傾向，原因大致上可以歸咎於日益複雜化的網路攻擊本質，特別是從管理者的觀點來看。例如，分散式拒絕服務攻擊(DDoS)現在已達到400Gbps速度，目標包括網路和應用層。很顯然的，攻擊者持續進化，開發其他方法來繞過包括防火牆等傳統安全防護。 對於面對應用層DDoS攻擊威脅的企業而言，必須克服的挑戰在於如何區分人類流量與魁儡(bot)流量。 ... Read more

With so many new and varied devices such as smartphones, smartwatches, laptops, and tablets accessing a service provider network, with a 2.9 device per-person average worldwide according to a Sophos survey, it’s no wonder there is Operator... Read more

Probably the biggest IT security threat to F5 Networks is typing this blog, and probably the biggest threat to your organization is reading it. OK, I don’t mean me or you, as such. We are, after all, IT professionals and wouldn’t dream of clicking... Read more

We entered 2014 on a fillip. Frost & Sullivan had just named us the vendor leading WAF market in Asia Pacific and Japan. The Frost Industry Quotient, put F5 and nine other companies under their analytical magnifying glass, examining our mark... Read more

If you enjoyed In 5 Minutes or Less: BIG-IP Advanced Firewall Manager, this is a much deeper dive into the BIG-IP AFM solution.  I introduce BIG-IP Advanced Firewall Manager (AFM) and have Josh Mendosa, Product Management Engineer, show a... Read more

I show you the new BIG-IP Advanced Firewall Manager as part of the BIG-IP v11.3 release in around 5 minutes...or so. LimelightPlayerUtil.initEmbed('limelight_player_355181'); ps Related: SAML Federation with BIG-IP Access Policy Manager:... Read more

Why stop at 3 when you can go to 4? Over the past few posts on this ever-expanding topic, we’ve discussed using ADFS to provide single sign-on access to Office 365. But what about single sign-out? A customer turned me onto Tristan Watkins’ blog... Read more

I meet with Splunk's Will Hayes, Director of Business Development at F5's Agility Summit. We get a look at some of the newest Splunk reports for F5's BIG-IP solutions including the BIG-IP Data Center Firewall Solution. ps ... Read more

Okay, so I never mentioned a part 3. But, the topic is just too much fun to let go. Besides, we have one more important section to cover. First, let’s recap parts one and two. In part one we discussed load balancing the ADFS and ADFS proxy farms... Read more

I meet with F5's Professional Services Consultant Sam Richman to review some of the stats from the World’s Largest Portable Network.  Highlights  included:  BIG-IP Data Center Firewall pushed a Terabyte of data; BIG-IP Web... Read more

So let’s talk Application Delivery Controllers, (ADC).  In part one of this series we deployed both an internal ADFS farm as well as a perimeter ADFS proxy farm using the Big-IP’s exceptional load balancing capabilities to provide HA and... Read more

When an army is configuring defenses, it is not merely the placement of troops and equipment that must be considered, but the likely avenues of attack, directions the attack could develop if it is successful, the terrain around the avenues of... Read more

Peter Silva interviews F5 Security Product Manager Preston Hogue about the BIG-IP Data Center Firewall Solution, BIG-IP's ICSA Certification and some BIG-IP differences vs. traditional firewalls. ";" alt="" />RSA 2012 -... Read more

Just like the early settlers who migrated en masse across the country by wagon train along the Oregon Trail, enterprises are migrating up into the cloud. Well okay, maybe not exactly like the early settlers. But, although there may not be a mass... Read more

The longer an application remains vulnerable, the more likely it is to be compromised. Protecting web applications is an around-the-clock job. Almost anything that is connected to the Internet is a target these days, and organizations are... Read more

#adcfw #infosec F5 is changing the game on security by unifying it at the application and service delivery layer. Over the past few years we’ve seen firewalls fail repeatedly. We’ve seen business disrupted, security thwarted, and reputations... Read more

#adcfw #RSAC #infosec The focus on bandwidth and traffic continue to distract from the real problems with traditional inbound protections … The past year brought us many stories focusing on successful attacks on organizations for a wide variety... Read more

#adcfw Normal0falsefalsefalseEN-USX-NONEX-NONEMicrosoftInternetExplorer4/* Style Definitions */table.MsoNormalTable{mso-style-name:"Table... Read more

#adcfw Normal0falsefalsefalseEN-USX-NONEX-NONEMicrosoftInternetExplorer4/* Style Definitions */table.MsoNormalTable{mso-style-name:"Table... Read more

Founder & CTO of WhiteHat Security, Jeremiah Grossman talks about the F5/WhiteHat partnership, the benefits of the WhiteHat Sentinel & BIG-IP ASM integration, the sophistication level of some of the recent attacks/breaches reported in the... Read more

#infosec A recently discovered 0-day Apache exploit is no problem for BIG-IP. Here’s a couple of different options using F5 solutions to secure your site against it. It’s called “Apache Killer” and it’s yet another example of exploiting not a... Read more

Note: While talking about this post with Lori during a break, it occurred to me that you might be thinking I meant “MS Windows”. Not this time, but that gives me another blog idea… And I’ll sneak in the windows –> Windows simile somewhere, no... Read more

Do you really need a firewall to secure web and application services? Some organizations would say no based on their experiences while others are sure to quail at the very thought of such an unnatural suggestion. Firewalls are, in most... Read more

Recently I was in a conversation where someone seriously suggested that Web Application Acceleration and WAN Optimization should be the job of developers, since they are in the code and creating the network traffic. At first I was taken aback b... Read more

Use network-side scripting, of course! While just about every developer and information security professional knows that a buffer-overflow exploit can result in the execution of malicious code not many truly grok the “why”. Fortunately, it’s not... Read more