Hi all,
I came across this question this morning and looked forward to the feedback. I've used the info here to help secure our LTMS and GTMs.
I'd like to take this further maybe and talk about locking the system down even further - if possible that is. We're currently going through a pci compliance project. For those of you who don't know about pci it's bascially a security best practice process. Anyway does anyone know of any guidelines from F5 or elsewhere that helps get our kit locked down even further?
I've yet to carry out a port scan on the kit so I'm not sure what is open, nor am I sure about the implementation of the protocols and services available.
We use F5 kit quite heavily in our infrastructure so hopefully this won't be too painful. Any help, as always, is greatly appreciated.
Thanks,
Joe