on 01-Mar-2023 04:00
Our Featured Member series is a way for us to show appreciation and highlight active contributors in our community. Communities thrive on interaction and our Featured Series gives you some insight on some of our most engaged folks. DevCentral MVP Thomas Dahlmann is our Featured Member for March 2023! He's been helping lots of other members with some great tips so let's catch up with Thomas! Plus, his birthday is this month so let's all wish him a Happy Birthday!
DevCentral: First, please explain to the DC community a little about yourself, what you do and why it is important.
Thomas: I am an experienced (aka old) senior security consultant who is deeply passionate about technology. I have an insatiable curiosity and am determined to fully understand the inner workings of any technology I encounter. This curiosity has led me down many rabbit holes and taken up a significant amount of my spare time, but it has also been instrumental to where I am today.
I joined the security industry as a trainee at IBM in 2000 which started my journey into the world of firewalls, vpn, antivirus (yes I’m that old), mail scanners and a lot more. It was a blast.
I had my first encounter with F5 in 2006 and have never looked back. It really got into my blood stream. In comparison, other technologies seem trivial and uninteresting.
The F5 technology stack gives an unpresedented visibility into what goes around in the infrastructure and especially what needs to be done about it to keep bad actors out and maintain production stability.
I’m told that I laugh a lot and easy to locate in a big building.
DevCentral: You’ve been an active contributor in the DevCentral community. What keeps you involved?
Thomas: While the F5 software stack is undeniably impressive, it can also be a daunting challenge that feels like a vertical mountain waiting to be climbed. As someone who has bumped their head and picked up painful experiences along the way, I am determined to spare others from similar struggles.
I am constantly learning from DC and consider it my go-to source for knowledge and inspiration. As a result, I feel a sense of responsibility to share my insights with the community. We all stand on the shoulders of others, and I find it incredibly fulfilling to help lift others up and empower them to succeed.
DevCentral: Tell us a little about the technical expertise/learning history you have.
Thomas: I think, like many others, my journey started with LTM. It was a good fit for me as an infrastructure individual coming from the switching, routing, firewall world. The logic around the proxy mindset gave me a better understanding of the lower levels in the protocols as well as the higher. The more I played around with iRules the more familiar I became with HTTP and its inner workings. It was also in those days when Firepass came around and introduced me to authentication on a whole new level. When Firepass became APM the toolset just jumped to a complete new level.
In the good old days before cloud and CDN, BIG-IP GTM (now called DNS) and WAM had its prime time and I also had a couple of projects with delivering content closest to the client. Again, it was an experince which got me up close and personal with HTTP and how you could trick the browser to be smarter.
One of the most difficult modules to get on the wire is BIG-IP ASM/AWAF. It took me a couple of months to learn how to use the tool but many many years to master the delicate process of convincing customers that a web firewall is worth the time and show them how to operate it without the struggle. Recent time has given us Shellshock and Log4j so it has become easier to exemplify the needs for protecting the webapplications.
Due to the recent geopolitical situation DDoS has shown us how vulnerable we are without proper protection, and here AFM has shown why it is there. It is quite satisfying to watch a DDoS attack just being swept away without interfering with production.
As the F5 environment becomes bigger and more complex, I have used more and more time on finding ways to automate and work smarter. This is why I started my Let's Encrypt integration automation scripts. A lot of time goes into this simple but important task and saving just a couple of minutes every day really counts. This scripting focus also talks natually into the way clouds work and how you fx operate thousands of domains in F5 Distributed Cloud. A lot of what is required of us today is simply too dynamic to be operated manually. Fortunately, the F5 software stack has consistently proven to be a reliable and effective solution for meeting these needs.
DevCentral: You are a Senior Security Consultant at Orange Cyberdefense. Can you describe your typical workday, how you manage work/life balance and the strong support of F5 solutions? How has the pandemic impacted your work?
Thomas: My job is multiroled and besides working as a consultant I also have a dozen consultants reporting to me. So, a typical week is split between nursing my consultants, administrative tasks, interfacing with the business and helping out customers.
When I work as a consultant my assignments are split into projects and ad-hoc tasks.
Balancing all of these responsibilities can be a delicate task, as it is important to ensure that I don't burn out. Luckily I'm a soccer dad which forces me to clock-out and stand on the sideline of the soccer fields or shuttle the kids around the country for matches. There is nothing like mother nature teaching you about themodynamics of the northern hemisphere (freezing your extremities off) to clear you mind.
To sharpen my F5 skills I have created my own mini datacenter back home. I run my own mail infrastructure and various other services. Most of these services are tied in behind some sort of F5 product, BigIP or NGINX. This forces me to be eating my own dogfood and is a perfect testbed for solutions my customers are looking for or I can build new crazy constructions for inspriation. It is simply the best way of learning how it all works.
Now looking back at the previous 2-3 years of Covid I feel a lot has changed and a lot stays the same. The nature of the pandemic has forced us to think differently, and for some to brake habbits. For some it is now possible to be working remotely which was unheard of before. This flexibility has really given possibilities and made the world a bigger place. It has also shown to me that I really need to be close to people and I how much I thriwe in a crowd. I feel we lost out on a lot of oppotunities because of the distance and people were harder to reach. Nothing beats a room with a whiteboard and a lot of coffee. I think were are slowly finding a new balance between interacting physcially and working remotely.
DevCentral: Do you have any F5 Certifications? If so, why are these important to you and how have they helped with your career?
Thomas: Yes, I'm a 401 CSE. There are two specific reasons as to why I hold this certification. First one is to keep our partner level, we must hold a certain amount certified consultants. The second one is to prove to customers that I can more than spell to F5. You become more trustworthy with this badge.
I have always been in the partner channel so certifications were mandatory. What I have come to realize is that being forced to prepare for these certifications actually gets you through documentation you otherwise wouldn't have. Everytime I do this I pick up new knowledge, niche or sometimes groundbraking. So it isn't all bad.
DevCentral: Describe one of your biggest Customer challenges and how the community helped in that situation.
Thomas: Recalling all the times I've frantically searched for a small detail that ultimately saved the day is a challenge. However, it's often those little things that make a significant difference.
I see the big strength of the community in that you always have access to a solution, part of it or inspiration for it. This ubiquitous access to knowledge for everyone is what sets F5 apart from all others.
If I shall highlight a single event I think I will select a situation where one of my customers was suffering from DDoS attacks that we needed to fix - fast. A search on DC gave me a skeleton for an iRule. Our requirements where somewhat more demanding than what we could find, but by giving us the inspiration the iRule grew from 20 lines to beyond 600. This iRule is now in my standard toolbelt against DDoS and is slowly expanding everytime attacks comes in or the customer environments changes. It has proven its worth and is now protecting numerous customers in different industries. A true testament to the power of the community.
DevCentral: Lastly, if you weren’t doing what you’re doing – what would be your dream career? Or better, when you were a kid – what did you want to be when you grew up?
Thomas: When it comes to my career path it has always been easy - something with IT. Observing others as they struggle to find their way, I feel immensely privileged by how effortlessly my own journey has unfolded. I don't think I have ever dreamed of being anything else, boring I know.
Should I have chosen another path, I think I would have chosen a military career. Ironically, when I look at my daily life today, I can't help but feel that I chose a non-kinetic military path, as I find myself entrenched in protecting customers from cyber attacks.
---Thanks Thomas! The DevCentral Community really appreciates your willingness to share with our Members.
Connect and Follow on Social:
Thanks for sharing @lnxgeek.
I shall henceforth replace the term experienced everywhere I have become accustomed to using old from now on.
- When my kids wanna race? "No - I'm too experienced too run."
- When I get outta bed with a sore back? "Oh boy - I am feeling really experienced today!"
- When I reference something from the 80's or 90's? "I have an experienced saying for that..."
"Nothing beats a room with a whiteboard and a lot of coffee." - I couldn't agree more. Perhaps one day we'll share some coffee at least.
Cheers - and thanks for being part of our community.
@LiefZimmerman I'm glad to be able to "enrich" your vocabulary with some strategic phrases 🤣🤣🤣
I really really hope that we some day get together so you can give a tour of the tower and the local beer! Boy do I miss Agility.....
Can vouch, @lnxgeek - @LiefZimmerman did explain how he was using the term "experienced" now in at least one meeting, and the turn of phrase may now be spreading across our department.
You'll be in good hands with Lief at the Tower - he knows which floors have the best coffee options. 😄