For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

ptate_72056's avatar
ptate_72056
Icon for Nimbostratus rankNimbostratus
Jan 23, 2009

Persistence cookies and security

Hi Everyone,     We've recently had a security audit reveal that the BigIP persistence cookie contains the IP address and the port of the node the user connected to.     I can se...
config
design
Deb_Allen_18's avatar
Deb_Allen_18
Historic F5 Account
Jan 23, 2009
The cookie data is encrypted and decrypted by the LTM only using the specified key. The client, since it does not have the key, cannot decrypt the cookie, so any data within it is not readable by the client.