Technical Articles
F5 SMEs share good practice.
6010 PostsActivity in Articles
Understanding Man-in-the-Middle (MitM) Attacks and How to Defend Against Them
Understanding the Man-in-the-Middle Attack The Man-in-the-Middle (MitM) attack is a fundamental network session hijacking technique. This attack can block, alter, or intercept network traffic. For example, an attacker using MitM might discreetly cap...
Reminder: MFA now required to log in to DevCentral
Hey everyone, We are now requiring multi-factor authentication (MFA) to log in to all DevCentral accounts in order to better ensure secure interactions on DevCentral. Please read our INITIAL ANNOUNCEMENT HERE. Logging in to F5 accounts – including D...
AI Safety: Navigating Deception, Emergent Goals, and Power-seeking Behaviors
Introduction This serves as a companion to the article I previously wrote on security of generative AI. In the previous article, I wrote about security however in this article I wanted to focus on safety of Artificial Intelligence. While safe...
How to search the latest security academic papers
Introduction While following the state-of-the-art of security-related technologies and gathering information is a daily job for engineers, we engineers often take a practical approach to gathering information. For example, when I gather security-rel...
Curse the Rusty OSS supply chain - September 10th to 16th, 2023 - F5 SIRT - This Week in Security
This Week in Security September 10th to 16th, 2023 Aaron here as your editor this week for a round-up of interesting or notable security news from the last week that caught my eye; keeping up to date with new technologies, techniques and informati...
Adaptive Apps: Replicate & deploy WAF application security policies across F5's security portfolio
Introduction Adaptive applications utilize an architectural approach that facilitates rapid and often fully-automated responses to changing conditions—for example, new cyberattacks, updates to security posture, application performance degradations, ...
ExternalName Service and Authentication Subrequests with NGINX Ingress Controller
Summary Features like subrequests for authentication, adding/removing HTTP headers, and supporting services of type ExternalName in Kubernetes (K8s) are great reasons to use F5 NGINX Ingress Controller. Documentation and examples of NGINX configurat...
Minimizing Security Complexity: Managing Distributed WAF Policies
Introduction: In today's digital landscape, where cyber threats constantly evolve, safeguarding an enterprise's web applications is of paramount importance. However, for security engineers tasked with protecting a large enterprise equipped with a s...
Where are F5's archived deployment guides?
Archived F5 Deployment Guides This article contains an index of F5’s archived deployment guides, previously hosted on F5 | Multi-Cloud Security and Application Delivery. They are all now hosted on cdn.f5.com. Archived guides... are no longer support...
APIs Everywhere
Size of the problem In a recent conversation, a customer mentioned they figured they had something on the order of 6000 API endpoints in their environment. This struck me as odd, as I am pretty sure they have 1000+ HTTP-based applications running o...
Security in K-12, Fuzzing, AI Threat Modeling - Sept 3 to Sept 9, 2023 F5 SIRT This Week in Security
Jordan here as your editor this week. This week I reviewed Security in K-12 Education, LLM Enhanced Fuzzing, & AI Threat Modeling. Keeping up to date with new technologies, techniques and information is an important part of our role in the F5 SIRT. ...
Securing Applications using mTLS Supported by F5 Distributed Cloud
Introduction Mutual Transport Layer Security (mTLS) is a process that establishes encrypted and secure TLS connection between the parties and ensures both parties use X.509 digital certificates to authenticate each other. It helps to prevent the mal...
Unify Visibility with F5 ACI ServiceCenter in Cisco ACI and F5 BIG-IP Deployments
What is F5 ACI ServiceCenter? F5 ACI ServiceCenter is an application that runs natively on Cisco Application Policy Infrastructure Controller (APIC), which provides administrators a unified way to manage both L2-L3 and L4-L7 infrastructure in F5 BIG...
Victory or invasion of privacy? Bot-net takedowns - Qakbot
In the last week we saw much fanfare surrounding the news that the FBI had taken down the Qakbot bot-net and I wanted to dive into their actions and give you my thoughts – but before I do that, let’s talk a bit about Qakbot itself. Qakbot, Qbot, Pin...
F5 Hybrid Security Architectures (Part 5 - F5 XC, BIG-IP APM, CIS, and NGINX Ingress Controller)
Introduction: For those of you following along with the F5 Hybrid Security Architectures series, welcome back! If this is your first foray into the series and would like some background, have a look at the intro article. This series is using the F...
Overview of F5 Distributed Cloud Dashboards
Table Of Contents: IntroductionSecurity DashboardsWeb Application and API Protection (WAAP) dashboardClient-Side Defense (CSD) DashboardBot Defense DashboardMulti-Cloud DashboardsMulti-Cloud Network Connect DashboardMulti-Cloud App Connect DashboardC...
CyberDefenseTopics, RFC1126, AI Usage - Aug 27th to Sep 2nd, 2023 F5 SIRT This Week in Security
Editor's introduction This week in security editor is Koichi. I recently hear the word ""Active Cyber Defense" in the news on TV. So I chose topics of Japanese cyber security agency, Active Cyber Defense, data transmission by pigeon, and how to use...
Enhance Performance and Increase Scalability with F5 BIG-IP on HPE GreenLake
In modern networking and application delivery, where the seamless and secure transmission of data is paramount, the F5 BIG-IP platform stands as a cornerstone. F5 BIG-IP represents an advanced and comprehensive solution designed to optimize applicat...
Demo Guide: F5 Distributed Cloud DNS (SaaS Console)
DNS, a Domain Name Service is a mechanism of how humans and machines discover where to connect. It is the universal directory of addresses to names. It is the most prominent feature that every service on the Internet depends on. It will be very crit...
Testing the security controls for a notional FDX Open Banking deployment
Introduction Unlike other Open Banking initiatives that are mandate-driven in a top-down approach, the North-American Open Banking standardisation effort is industry-led, in a bottom-up fashion by the Financial Data Exchange (FDX), a non-profit body...
Leveraging Ansible Rulebooks for Streamlined Event Triggers: Advantages and Benefits
In today's highly dynamic and interconnected IT landscape, efficiently managing network infrastructure is essential for ensuring seamless operations and optimal performance. To further enhance the capabilities of F5 products and address the growing...
SSL Orchestrator Advanced Use Cases: DNS Sinkholing
Introduction One's mind probably doesn't gravitate to DNS security when thinking about an SSL visibility solution, but as I've already demonstrated in the DNS-over-HTTPS Detection use case, modern DNS architectures do have an interesting integration ...
FBI notification about zero day, WinRAR 0day Aug 20-26, 2023 F5 SIRT This Week in Security
This Week in Security Aug 20-26, 2023 FBI notification about zero day, WinRAR 0day and Flax Typhoon Editor's introduction What’s new this week in security? It looks like hackers are very busy doing their hacking job. Reading the news this week it...
Setting up BIG-IP with AWS CloudHSM
Recently I was working on a project and there was a requirement for using AWS CloudHSM. F5 has documented the process to install the AWS CloudHSM client in the implementation guide. I found it light on details of working config and lacked an exampl...
F5 Distributed Cloud - Service Policy - Header Matching Logic & Processing
Introduction Who knows what an iRule is? iRules have been used by F5 BIG-IP customers for a quarter of a century! One of the most common use cases for iRules are for security decisions. If you're not coming from a BIG-IP and iRules background, wh...
F5 Distributed Cloud Network Connect and NetApp BlueXP - Data Disaster Recovery Across Hybrid Cloud
An important and long-standing need for enterprise storage is the ability to recover from disasters through both rapid and easy access to constantly replicated data volumes. Beyond reducing corporate downtime from recovery events, the replicated vo...
SSLO in public cloud: Azure inbound L3 use case
Summary I have a customer who uses BIG-IP SSL Orchestrator (SSLo) on premises for inbound traffic, and they wanted to replicate this architecture in several Azure regions. This article explains how to achieve this, and is specifically focused on an ...
Zero Trust building blocks - F5 BIG-IP Access Policy Manager (APM) and PingIdentity
We started a discussion on Machine Identity and Zero Trust building blocks in Zero Trust building blocks - Machine Identity Management (MIM) and Workload Protection . In that article we talked about one of the main items on NIST ZTNA framework which...
Data Leaks, CISA Secure by Design AI, Citrix CVEs and More-Aug 13-19- F5 SIRT-This Week in Security
F5 SIRT This Week in Security Aug 13-19th, 2023 Unintentional Data Leaks, CISA Secure by Design AI, Citrix criticals, Discord breach, and BlackCat (again) Editor's introduction Hello and welcome to this edition of This Week In Security! Arvin i...
Integrating SSL Orchestrator with CheckPoint Firewall VM-Explicit Proxy
Introduction SSL Orchestrator centralizes & manages decryption of SSL/TLS traffic. This enables security and monitoring tools to view the decrypted content and analyze it for threats and other anomalies. SSL Orchestrator removes the burden of decr...
