Forum Discussion

jwham20's avatar
jwham20
Icon for Nimbostratus rankNimbostratus
Apr 13, 2012

Security Guru Question

What: F5 Security Panel Webcast

 

When: April 25th 10-11 AM PST

 

Why: Cause there are always questions

 

 

Event Details: F5 Security Guru Panel

 

 

Remember to post questions in this thread if you'd like them answered by the panel. Any security related question is accepted!

3 Replies

  • We are using the ASM module for our web application to help protect common web security vulnerabilities (i.e OWASP).

     

     

    During web penetration and vulnerabiltiy assessment, would you recommend that we turn on or off the ASM? What is a good strategy?

     

     

    Thanks.
  • Another question, what is a good strategy for creating a baseline profile/policy for the ASM?
  • We are designing a small cloud infrastructure with F5 LB, thought of taking this opportunity to clarify below security concerns:

     

     

    1. We'll have multiple customers with source overlapping IPs

     

    Is it secure enough to create a VLAN in LTM or do we need separate route domains (for route domains is partitioning required)

     

     

    2. What are the hardware based limitation for above if we choose F5 LTM models

     

     

    3. If it's a VLAN segregation, can a server from one vlan communicate to other.

     

    We would like to understand what are the security problems for other customers when a server from any of the configured customer is compromised.

     

     

    4. If there is a DoS attack to one of the customer servers, is it going to affect the performance of entire LB (we do not plan to limit the connections per virtual server)

     

    Is Viprion the only alternative to keep other customers unaffected.