14-Jul-2022 15:12
Hello Community, I am new to F5 and I want to do migration from layer7 to F5. Please can someone guide me through on what to do?
17-Jul-2022 01:52 - edited 17-Jul-2022 01:54
Hello,
when you say you want to do L7 migration, which attack you want to mitigated ?
L7 mitigations is wide and can be brute force, DDoD, injections (XSS, SQLi)
Typically Adv WAF is the right product for this. here are some links. let us know if you need more sources.
18-Jul-2022 07:11
Hello,
Currently our layer7 is out of support and we need the functionality migrated to the F5. I'm new to F5 and would wish to have some help on how to accomplish the task of migrating from layer7 to F5.
19-Jul-2022 23:40
Hi @Nforba it sounds like you may be referring to the former CA Layer7 API Gateway product? I don't believe we have any specific documented guidance on this. Do you have an idea of what functions were done on the Layer7 and we might be able to point you in the direction for how these would be setup on a BIG-IP?
20-Jul-2022 07:11
The following functions are running on the layer7
SAP PROCESS ORCHESTRATION
Solarwinds
SAP Services (Gateway, gateway rest and gateway timeout long).
On layer7 API Gateway 1) TLS or SSL request is done, 2) HTTP basic authentication against LDAP and 3) redirect app server such as SAP PO, SAP PRD
We need to migrate those services to F5. Thanks
20-Jul-2022 07:38
@buulam, this is actually the former CA API Gateway
20-Jul-2022 08:30
Ok, this is a fairly older document but it gives an idea of configuration of some of these features.
https://www.f5.com/pdf/deployment-guides/f5-sap-dg.pdf
These are fairly standard LTM functions so if you are familiar with basic LTM operations, you should be good. If not, you may want to have a look at university.f5.com so some introductory content on LTM to get yourself up and running.
20-Jul-2022 13:43
We already have SAP deployed and the task I want to accomplish is using F5 as an API gateway that will route traffic to SAP. We do have BIG-IP ASM/AMP/LTM products.
20-Jul-2022 21:50
You can achieve a lot of that but you'll need to dissect the functions from the existing Layer7 solution a little bit further. They do typically translate to what would be standard reverse proxy, SSL/TLS offload or bridging, rewriting, authentication and WAF functions on a BIG-IP. Each of those functions is a lot to unpack if you are just getting started with BIG-IP so I would suggest at least getting through some of the Getting Started courses on university.f5.com. I would also suggest discussing with your local F5 Solutions Engineer as well as they can probably get into a deeper discussion about what you have configured on your Layer7 and give you a bit of a road map on what to tackle first on your BIG-IP.
21-Jul-2022 10:54
We are currently utilizing Layer7 as an API gateway, mainly to handle LDAP authentication and SAP ochestration. We want to move those services from layer 7 to F5 and get rid of layer7. I just need a process or steps to migrate any of the service
25-Jul-2022 10:03
This might be a good place to start: https://techdocs.f5.com/en-us/bigip-15-0-0/big-ip-local-traffic-manager-implementations/configuring-...
This depends a bit on your familiarity with BIG-IP but this can at least get you started.