DevCentral's Featured Member for July - Rhazi Youssef
Our Featured Member series is a way for us to show appreciation and highlight active contributors in our community. Communities thrive on interaction and our Featured Series gives you some insight on some of our most active folks.
Rhazi Youssef has been a very active DevCentral member since 2012 and the third engineer we've featured from e-Xpert Solutions SA. Initially Rhazi was a bit reluctant to participate as he's a quiet, humble guy and we're thrilled that he's DevCentral's Featured Member for July!
Let's learn a bit more about Rhazi.
DevCentral: Please explain to the DevCentral community a little about yourself, what you do and why it’s important.
Rhazi: I’m a security engineer since 2009 working in Geneva (Switzerland), a region with several security projects involving F5 BIG-IP (GTM, LTM, ASM, APM). My interest began early when I started and installed several security equipment like Mail relay, FW, SIEM&SEM, web proxy…
But I admit that my job became more interesting when I started to approach the application part. I am talking about WAF (ASM), perimeter security (APM), LTM (LB, optimization,)…
I immediately bonded with this product since it is very rich, complete and scalable with its time. It is for this reason that I invested heavily on this product by passing for example all my certificates which gives me today the title of “Security Solution Expert” (401).
DC: You are a very active contributor in the DevCentral community. What keeps you involved?
RY: First off, like everyone else I admit that Devcentral has already allowed me to get out of trouble and not just once, and I thank the community for this. The DevCentral community is very much involved in sharing, helping and informing members. This work done by the community helped me a lot in my work (I upgraded my skills) so I think it is normal for me to give back to the community that helped me...and offer advice that will help with experience and knowledge the community to move forward.
My investment in the community is even easier since F5 is a product that is very important to me. Today I work primarily on F5 BIG-IP (APM, ASM, LTM, GTM, WebSafe) which allows me to have an important experience on the potential problems that one can meet during a deployment, so it's the least of the things to help the community when I can.
DC: Tell us a little about the areas of BIG-IP expertise you have.
RY: These last 6 years I worked mainly on F5, I had the chance to work with some very great customers that I cannot mention :-). I deployed all types of hardware until VIPRION. And today I work on almost all of the BIG-IP modules (ASM, APM, LTM, GTM, VCMP, LC, WebSafe).
The advantage with F5 is that you cannot get tired of this product. It is rich, complete and scalable. For example the APM that allowed me to meet the needs of our customers by going from the identity federation (SAML) to Oauth&OpenID connect. But still it's the same thing for ASM and other modules. We do not say it often enough but this product allows us to be up to date in terms of security; I'm talking about authentication protocols that the APM offers, different security methods carried by the ASM ... all these aspects allow us to maintain our level and to learn ...
DC: You are a Sr. Security Engineer with e-Xpert Solutions SA. Can you describe your typical workday, how you manage work/life balance and the strong support of F5 solutions?
RY: As everyone knows the job of Security Engineer is not easy. We must manage several clients, several projects, manage customer support, communicate with clients (vulnerabilities, news), schedule management, project tracking,...
So every morning I spend quite some time to manage my emails, my calendar and answer to my customers. I am registered to F5 RSS feed, which keep me updated on CVE, I also follow many f5 webinars (I usually watch them later when they are online).
At e-Xpert solutions I am product manager of F5 solution, so I have to inform my colleagues about vulnerabilities or any new features, I must also regularly write news that we publish on our website. The other PMs do the same thing with their own products which also allows me to be informed about the other products of our portfolio.
During my working day I connect regularly to DevCentral when I have some time to help or learn about some interesting topics. For me, helping the community is not binding. On the contrary, certain questions allow us to update ourselves on certain subjects and to exchange on our different points of view.
I finished my work day in the evening by doing a small check of my mails and a pass on my usual information sites which included DevCentral. I almost forgot I work out every 3 days and I try to run at least every 2 days (no excuse for gym time!).
If you are interested, here is the website of the company in which I evolve: https://www.e-xpertsolutions.com/
DC: You have a number of F5 Certifications. Why are these important to you and how have they helped with your career?
RY: 8 months ago I had my last certification “Security Solution Expert” (401). Having all these certifications was very important to me. First of all in order to guarantee a high level of expertise to our customer. Moreover this certification process obliges us to study and consequently to update us on the different modules.
These certifications are like a quality label, our customers appreciate when the engineers who intervene has the higher level of certification.
Moreover with the experience that I have, I think that the passage of these certifications allow us to have a richer view of the product and consequently to propose to our customers the best possible alternatives according to their needs.
DC: Describe one of your biggest BIG-IP challenges and how DevCentral helped in that situation.
RY: DC allowed me several times to solve the different problems I encountered. Things that seem simple to me today but that was not at the time I posted them and caused me quite some problems (Kerberos delegation, Kerberos authentication, Sideband, DDOS using iRule with session table …).
I remember that I had to set up a perimeter of security to protect an application using the APM (I know it looks pretty simple). But I realized that the application was contextual (Web and JNLP) and that the APM session cookies were not propagated on to other contexts, so JNLP part could not connect.
I will not go into the technical details but I had to create an iRule that used a table of correspondence between the cookie APM and the JNLP JSessionID that I stocked in a table session. Later I made an SSO on the backend application using the sideband (SSO profiles APM was not suitable). DC allowed me to build my iRule and sincerely without DC I would have had a lot of trouble and it would have taken me took a lot of time. And lastly DC allowed me to set up a fakeadfs using iRulesLX (and without DC, I do not think I could have done it alone).
DC: Finally, if you weren’t an IT admin – what would be your dream job? Or better, when you were a kid – what did you want to be when you grew up?
RY: When I was little and did not have school I spent my whole day on the football fields. I could play for 6 hours of suites without stopping. I loved football and I still do. So as you guessed I wanted to become a professional. But reality has taken over the dreams. Growing up I discovered computer science I started to build/dismantle my pc to add ram, change the hard drive, buy new graphics card for games... and little by little, I ended up in IT and I really do not regret it, but I admit that if I could have had the career of Ronaldo and also his salary I would not have mind either.
If there is a DevCentral member you think should be featured, let us know in the comments section!