Articles

Intelligent Proxy Steering - Office365

Introduction This solution started back in May 2015 when I was helping a customer bypass their forward proxy servers due to the significant increase in the number of client connections after moving to Office365. Luckily for them, they have a... Read more
0 Reviews

Directory Traversal with Spring MVC on Windows (CVE-2018-1271)

Recently a directory traversal vulnerability in the Spring Framework was published (CVE-2018-1271). The Spring application will only be vulnerable when it is deployed on a Microsoft Windows based operating system and the application developer uses... Read more
0 Reviews

PEM: Subscriber-Aware Policy and Why Every Large Network Needs One

The previous post, “PEM: Key Component of the Next Generation University Network”, provided a high-level overview of several Policy Enforcement Manager features which help K-12 Schools, Colleges and Universities transform their Networks into... Read more
0 Reviews

Remote Code Execution with Spring Data Commons (CVE-2018-1273)

In recent days another critical vulnerability in the Spring Framework was published (CVE-2018-1273). This time the vulnerable component is Spring Data Commons. The goal of the Spring Data component is to provide a common API for accessing NoSQL and... Read more
0 Reviews

Lightboard Lessons: What is a Web Application Firewall (WAF)?

Traditional network firewalls (Layer 3-4) do a great job preventing outsiders from accessing internal networks. But, these firewalls offer little to no support in the protection of application layer traffic... Read more
1 Review

Unbreaking the Internet and Converting Protocols

When CloudFlare took over 1.1.1.1 for their DNS service, this got me thinking about a couple of issues: What do you do if you’ve been using 1.1.1.1 on your network, how do you unbreak the Internet? How can you enable use of DNS over TLS for clients... Read more
2 Reviews

Spring Framework Spring-Messaging Remote Code Execution (CVE-2018-1270 / CVE-2018-1275)

In recent days a critical vulnerability in the Spring Framework was published. The vulnerable component is Spring-Messaging, which is the Spring implementation of WebSockets. Spring-Messaging uses the STOMP messaging protocol as the subprotocol for... Read more
0 Reviews

ADFS Proxy on F5 BIG-IP Deployment

F5 BIG-IP version 13.1 can act as your ADFS Proxy, replacing the Web App Proxies (WAP), halving the number of servers required! Read more
1 Review

Lightboard Lessons: OWASP Top 10 - Insufficient Logging and Monitoring

The OWASP Top 10 is a list of the most common security risks on the Internet today.  The #10 risk in the latest edition is "Insufficient Logging and Monitoring".  Logging and monitoring are sometimes viewed as not the most interesting topics, but... Read more
1 Review

Methods to attach ASM policy to virtual server via REST API requests

Understand different ways to attach ASM security policies to a BIG-IP virtual server with DevCentral. Read more
0 Reviews

DevCentral's Featured Member for April - Daniel Varela

Our Featured Member series is a way for us to show appreciation and highlight active contributors in our community. Communities thrive on interaction and our Featured Series gives you some insight on some of our most active folks. Daniel Varela... Read more
0 Reviews

Increased Security With First Party Cookies

HTTP cookies are an essential part of many web based applications, useful for tracking session and state information.  But they can also be exploited to leak information to third party sites using a method known as Cross Site Request... Read more
0 Reviews

Jackson-Databind - A Story of Blacklisting Java Deserialization Gadgets

Jackson is a popular library for parsing JSON documents in Java. Jackson-Databind is a module of the Jackson library that allows automatic transformation from JSON to Java objects and vice versa. In June 2017, an unsafe deserialization... Read more
0 Reviews

Drupal Core SA-CORE-2018-002 Remote Code Execution Vulnerability

The Drupal community woke up to a worrisome morning with the SA-CORE-2018-002 security advisory. The highly critical advisory mentions a remote code execution vulnerability applicable to multiple Drupal core subsystems. The vulnerability... Read more
0 Reviews

PEM: Key Component of the Next Generation University Network

In recent years, higher education institutions have become significant providers of digital services and content, ranging from mesh WiFi access to virtual-classroom services featuring high-bandwidth real-time collaboration experiences for... Read more
0 Reviews

Post of the Week: SAML IdP and SP on One BIG-IP

In this Lightboard Post of the Week, I answer a question about being able to do SAML IdP and SP on a single BIG-IP VE. Thanks to DevCentral Members hpr and Daniel Varela for the question and answer. 25 DC points for ya! Posted Question on... Read more
0 Reviews

See BIG-IP and Flowmon Out-of-path DDoS protection in action!

Watch F5's combined BIG-IP/Flowmon solution performing a mitigation of a simulated volumetric DDoS SYN Flood attack in a short 5-minute YouTube video! Read more
1 Review

Protect your AWS API Gateway with F5 BIG-IP WAF

This article will help you deploy an F5 BIG-IP WAF in front of your AWS API Gateway to provide additional security. It shows how to deploy a basic WAF policy to protect your API Gateway, and you can expand from there to add Denial of Service or... Read more
Average Rating: 4.9
7 Reviews

Lightboard Lessons: Explaining the Spectre and Meltdown Vulnerabilities

The "Spectre" and "Meltdown" vulnerabilities affect almost every computer in the world.  One of the very interesting things about each of these vulnerabilities is that they target the hardware (processor) of the computer rather than the software. Read more
2 Reviews

Lightboard Lessons: OWASP Top 10 - Using Components With Known Vulnerabilities

The OWASP Top 10 is a list of the most common security risks on the Internet today.  The #9 risk is "Using Components With Known Vulnerabilities".  It may seem obvious that you wouldn't want to use components that have known vulnerabilities... Read more
0 Reviews

Frequently Asked Questions - F5 Access 2018

This article discusses the differences between F5 Access 2018 and F5 Access iOS VPN applications. Read more
1 Review

Configuring the F5 BIG-IP as an Explicit Forward Web Proxy Using Secure Web Gateway (SWG)

In previous articles, we have discussed the use of F5 BIG-IP as a SSL VPN and other use cases for external or inbound access. I now wanted to take some time to discuss an outbound access use case using F5 BIG-IP as an explicit forward web proxy.... Read more
0 Reviews

ADFS Proxy Replacement on F5 BIG-IP

BIG-IP Access Policy Manager can now replace the need for Web Application Proxy servers providing security for your modern AD FS deployment with MS-ADFSPIP support released in BIG-IP v13.1. This article will provide a one stop shop for you to... Read more
Average Rating: 4.9
3 Reviews

Lightboard Lessons: Explaining the GitHub DDoS Attack

On Feb 28, 2018 the popular website GitHub was the victim of the largest Distributed Denial of Service (DDoS) attack in recorded history.  The attackers used open memcached servers to launch an amplification attack... Read more
Average Rating: 4.9
4 Reviews

Lightboard Lessons: OWASP Top 10 - Insecure Deserialization

The OWASP Top 10 is a list of the most common security risks on the Internet today.  Insecure Deserialization comes in at the #8 spot in the latest edition... Read more
1 Review