Passing Authenticated Header to SSLO

Hi all,

Starting to rollout SSLO in our organization and we are using the architecture Explicit Proxies ( Symantec ) -> F5 SSLO -> Internet. To simplify the introduction of SSLO we are keeping the authentication of our users on the Symantec proxies and passing headers to the F5.

We are able to insert header data this WITHOUT having to SSL Intercept via Symantec proxies ( which is pretty cool ) so the next step is to get the SSLO appliance to recognize these headers ( currently customer headername with auth user and clientIP ), use them when passing to services ( such as DLP / CAS ) and remove the headers before forwarding out to the Internet.

Pretty sure in theory this is all possible, just working through the implementation is where I am needing some direction :). Any interesting articles around SSLO have people seen ?

APM

security

Forum Discussion

Passing Authenticated Header to SSLO

Recent Discussions

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

Related Content

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

Passing Arguments to iCall Scripts

Doing mTLS Authentication per URL

Akamai G20 Header Authentication

Application Programming Interface (API) Authentication types simplified