Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Cieciak's avatar
Cieciak
Icon for Nimbostratus rankNimbostratus
May 18, 2022

TAP service on BIG IP LTM

Hi Guys, its been  a while since I've been working wiht big ip so looking forward to start it now again. Lately I was asked if there is an option of TAPing decrypted traffic on the big ip and mirrori...
security
Cieciak's avatar
Cieciak
Icon for Nimbostratus rankNimbostratus
May 22, 2022

Thank you Sebastiansierra and Amine_Kadimi - I am meeting cuistomer tomorrow to discuss all options. To sum up there are these to chose from: port mirroring, clone pool, passthrough IPS/IDS, TAP service (requires SSL Orchestration license). I will update ticket after implementation 🙂

mohitjoshi's avatar
mohitjoshi
Icon for Nimbostratus rankNimbostratus
Oct 24, 2023

Any idea on pros and cons of each of these mechnisms for traffic mirroring a) port mirroring b) clone pool, c) passthrough IPS/IDS, Tap Service (SSL orchestration).

Also for tap the consumer of the mirrored traffic needs to be on the same L2 network, what is the preferred way to carry this over to an L3 network (some encapsulation)