For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

F5 Distributed Cloud

4 Topics

F5 Roles required for Catalog Items
Having difficulty mapping required roles for a group to have proper access to catalog items. If I create a group call Security-Team and I want them to manage the security like WAF (Web App * API Protection) and Bot Defense, Web App Scanning and whatever else the Security Team should be monitoring to keep our environment safe. What Roles are required for management? They don't need access to everything, just what is required for the application security. Then we have a group called Support-Teams that need ReadOnly access to everything so they can log into F5 XC and just view everything with no ability to make changes. Not sure what Roles would get assigned to this group. Both scenarios let's assume all namespaces. Any help or direction is most appreciated.
WildWeasel
Aug 07, 2025 Place XC Users Forum
81Views
0likes
1Comment
XC Backup via API
Hi Floks, I would like to automate the backup (and restore if needed!) of my XC configurations via the API. What is the best way, can I save all the configurations at once, should I save the namespaces completely, one by one or should I save each object of a namespace (pool, healthcheck, HTTP LB, App FW...)? Or maybe it's doable per service? In short, what is the smartest way to make a complete backup of the confs? Thanks.
Solved
AlsDevC
May 16, 2023 Place XC Users Forum
1.8KViews
1like
3Comments
XC - Obelix table syncer list operation failed.... How can I check point?
Hi, I installed CE in our vCenter. I deployed 'certified Hardware' is 'vmware-regular-nic-voltmesh'. I wanna inside network connect to global network. The internal interface network is not allocated and an error message is displayed. How can I next action? I can't find the this issues...
Hooni_L
Mar 21, 2023 Place XC Users Forum
1.6KViews
0likes
3Comments
F5 Distributed Cloud(XC) Site Edge/Customer Sites without Regional Edge capabilities question.
Hello, I decided to finally read about the the F5 Distributed Cloud and I had some questions about using only Site Edge Nodes (Customer Sites) without Regional Edge Nodes. Is layer 7 DOS/DDOS protection still an option without Regional Edge ? For me this should work as only for Layer 3/4 DOS/DDOS the Regional Edge is needed as a scrubbing center. Also is it possible to make ipsec/ssl tunnels between Site Edge Nodes full mesh? From I read in https://docs.cloud.f5.com/docs/about-f5-distributed-cloud/mesh this should be correct if I am reading it right "Using an industry-proven network stack with most advanced BGP implementation, we are able to provide full-mesh or hub-and-spoke connectivity across cloud or edge sites. The nodes automatically create secure IPSec/SSL tunnels with each other if they have direct IP reachability or securely connect to multiple nearest global PoPs. Using application or policy-based routing, traffic can be load balanced for optimal performance across this network. In addition, you can enable a network firewall and forward proxy capabilities to control and filter traffic to and from the applications."
Solved
Nikoolayy1
Oct 26, 2022 Place XC Users Forum
3.2KViews
0likes
3Comments