Technical Articles
F5 SMEs share good practice.
5583 PostsActivity in Articles
GlueCon 2022 Recap - Are in-person conferences a thing again?
[Scroll down for accompanying videos] Over the past 2 years, I've seen many events in our industry take a shot at delivering a virtual experience. Let's face it, though, virtual events are not the same. Why? You miss "The Hallway Track". This is the...
Public Cloud Simplified with F5 NGINX for Azure
IntroOverview of F5 NGINX for AzureProblems Solved by F5 NGINX for AzureStep-by-step Deployment of F5 NGINX for AzureDeploymentValidationAdd NGINX ConfigurationAdd Network Security Group and RulesAssociate NSG with SubnetTest ApplicationSummaryResour...
Trying to Fill Some Giant Shoes...
Tuesday, May 24th marks the first DCC for me to be an "official" cast member! I'm taking over the vacant chair left by Mr. John Wagnon, as our DCC security specialist. Having seen John in the community for years and years, it seems like a daunting t...
How to easily protect your BIG-IP applications using F5's Distributed Cloud Bot Defense with iApps
Prerequisites This article assumes that you have access to the F5 Distributed Cloud and you are using BIG-IP version 14.1 to 16.x Log in to your tenant dashboard. You should now see a new tile called Bot Defense. Click on the Bot Defense til...
Different ways Financial Services Institutions can deploy NGINX in Azure
To meet increasing customer expectations for state-of-the-art digital experiences, banking and financial services institutions need to transform their organizations to accelerate digital innovation and app modernization. Opening up monolithic applic...
How to deploy a basic OWASP Top 10 for 2021 compliant declarative WAF policy for BIG-IP (Part 2)
This article follows up the excellent article written by @Valentin_Tobi on the same subject based on OWASP Top 10 2017. I will borrow heavily from the original and update this where changes have been made. This is part 2, where I will cover the OWAS...
Overview of API Access Control and implementing API key access control with BIG-IP APM
Rapid Growth of APIs APIs are getting more and more important in today’s modern application environment. Microservices communicate with each other through APIs and most S/Ws and H/Ws are also managed by their own API calls. While the adoption of API...
F5 NGINX ModSecurity WAF Is Transitioning to End-of-Life
For our F5 NGINX Plus customers, you may be aware that there has been a product called NGINX ModSecurity WAF we offer. It was recently announced this offering will be transitioning to End-of-Life (EoL) effective March 31, 2024. It was moved to End-o...
How to deploy a basic OWASP Top 10 for 2021 compliant declarative WAF policy for BIG-IP
This article follows up the excellent article written by @Valentin_Tobi on the same subject based on OWASP Top 10 2017. I will borrow heavily from the original and update this where changes have been made. Due to length of this article, I will split...
Traffic Intelligence in AFM through Categories
Introduction In previous article I talked about how we can configure AFM for filtering URL traffic using URL classification feature, this allows us to control web traffic traversing AFM. This can be very useful because using FQDN in firewall rules...
Deploy Services in Google Cloud using v2 BIG-IP Cloud Solution Templates with New Stack
IntroHow-to v2 Quickstart Example: BIG-IP on Google Cloud with New Network StackClone GitHub RepositoryModify Parameters - New StackDeploy the BIG-IP - New StackValidating the DeploymentSSH to BIG-IP and Review LogsTesting the Application and WAFDele...
Deploy Services in Google Cloud using v2 BIG-IP Cloud Solution Templates with Existing Stack
IntroHow-to v2 Quickstart Example: BIG-IP on Google Cloud with Existing Network StackClone GitHub RepositoryModify Parameters - Existing StackDeploy the BIG-IP - Existing StackValidating the DeploymentSSH to BIG-IP and Review LogsTesting the Applicat...
New Ways to Deploy Services in Public Cloud with v2 BIG-IP Cloud Solution Templates
IntroCloud Template History: v1 versus v2Example v2 TemplatesSummaryResourcesArticle Series Intro The BIG-IP Public Cloud team has developed many solutions over the years to enable customers to easily deploy BIG-IP with a few steps. The latest Cloud ...
Differentiating between the BIG-IP data plane and control plane
The newest F5 security advisory articles state whether specified vulnerabilities impact the control plane, the data plane, or both. Data-plane processing is related to the basic process of getting data, whether it be input from a system or requests...
Deploy the NGINX Modern Apps Reference Architecture locally
The NGINX Modern Apps Reference Architecture (MARA) project is now available, to run locally, on MicroK8s. In the detailed article, posted at NGINX.com/blog/mara-now-running-on-workstation-near-you, you will find HowTo steps to deploy MARA using NGI...
Exploring F5OS automation features on VELOS
Concepts VELOS is F5's latest generation chassis platform, providing a high density, high performance hardware platform for organisations that need the ultimate performance for on-premise applications. With VELOS, a new hypervisor operating system ca...
F5 Distributed Cloud Platform: Right Tools for the Right Jobs – Cloud Migration
Welcome to F5 Distributed Cloud Platform. Today I am going to share with you on a topic on “Right Tools for the Right Job” specifically focusing on Cloud Migration Journey – which migrating workloads from on-prem to public cloud. I had many convers...
SPECIAL DevCentral Connects - on Basic iControl Security
Basic iControl Security - DevCentral Connects Join @JRahm and @buulam on May 12, 2022 at 8AM Pacific as they look at some common questions for people who are getting to know the BIG-IP iControl API. How To: * find out if you're using iControl * ver...
BIG-IP Geolocation Updates – Part 7
BIG-IP Geolocation Updates – Part 7 Introduction Management of geolocation services within the BIG-IP require updates to the geolocation database so that the inquired IP addresses are correctly characterized for service delivery and security enforce...
AI/ML detection of Malicious Users using F5 Distributed Cloud WAAP – Part I
Introduction As people embraced the Internet as a part of their daily lives, businesses all over the world discovered an easier way to reach a large customer base that is not restricted by geographical boundaries. While that is important, it has als...
BIG-IP Geolocation Updates – Part 6
BIG-IP Geolocation Updates – Part 6 Introduction Management of geolocation services within the BIG-IP require updates to the geolocation database so that the inquired IP addresses are correctly characterized for service delivery and security enforce...
BIG-IP Meets DoD’s Needs for Next Level Logging Capabilities
Logs can either tell you everything you need to know for a quick resolution, or they lack the required detail, like what passed and what failed — leaving many scratching their heads when attempting any sort of meaningful forensic data analysis. This...
Spring4shell iApp
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description iApp to simplify deployment of spring4shell Problem solved by this Code Snippet My friend and colleague Ismael wrote a useful iRule to miti...
BIG-IP Geolocation Updates – Part 5
BIG-IP Geolocation Updates – Part 5 Introduction Management of geolocation services within the BIG-IP require updates to the geolocation database so that the inquired IP addresses are correctly characterized for service delivery and security enforce...
Password Safety & Security: Passwords vs. Passphrases
May 5th 2022 is World Password Day and F5 Labs want to celebrate it! By now I think everyone in IT has seen the excellent XKCD comic on passphrases. Passphrases are easier to remember, longer, and, therefore, more secure than passwords. Right? XKCD c...
iRule to serve security.txt file - RFC 9116
One week ago, on 27. April 2022, the IETF has published RFC 9116 describing the security.txt file. The purpose of this file is to aid in responsible disclosure, a process that allows security researchers to safely report vulnerabilities. The file sh...
BIG-IP Geolocation Updates – Part 4
BIG-IP Geolocation Updates – Part 4 Introduction Management of geolocation services within the BIG-IP require updates to the geolocation database so that the inquired IP addresses are correctly characterized for service delivery and security enforce...
ICYMI on DevCentral - April 2022
DevCentral publishes a ton of content each month and it's easy for articles/videos/forum posts to get lost on the timeline. Here's a snapshot of the top posts and videos from April 2022, in case you missed it! Solved on the Technical Forum /var ful...
DevCentral's Featured Member for May - Rodolfo Nützmann
Our Featured Member series is a way for us to show appreciation and highlight active contributors in our community. Communities thrive on interaction and our Featured Series gives you some insight on some of our most engaged folks. DevCentral Member ...
BIG-IP Geolocation Updates – Part 3
BIG-IP Geolocation Updates – Part 3 Introduction Management of geolocation services within the BIG-IP require updates to the geolocation database so that the inquired IP addresses are correctly characterized for service delivery and security enforcem...
