F5 Content Switching
I am coming from a netscaler world where they had an element in the UI for content switching... I know with F5 you can use iRules to select a Pool but the problem I find with that is in the netscaler world you select a virtual server to content switch to which has the advantage of having all of the virtual server specific policies/authenication/waf etc tied to it. Is it possible to use irules to direct to another virtual server with F5 while retaining the same external IP for the client instead of the pool? (ie: I don't want to do a simple redirection from one url to another or ip to another, it needs to be transparent like netscaler does)BIG-IP Configuration Conversion Scripts
Kirk Bauer, John Alam, and Pete White created a handful of perl and/or python scripts aimed at easing your migration from some of the “other guys” to BIG-IP.While they aren’t going to map every nook and cranny of the configurations to a BIG-IP feature, they will get you well along the way, taking out as much of the human error element as possible.Links to the codeshare articles below. Cisco ACE (perl) Cisco ACE via tmsh (perl) Cisco ACE (python) Cisco CSS (perl) Cisco CSS via tmsh (perl) Cisco CSM (perl) Citrix Netscaler (perl) Radware via tmsh (perl) Radware (python)
F5 Predicts: Education gets personal
The topic of education is taking centre stage today like never before. I think we can all agree that education has come a long way from the days where students and teachers were confined to a classroom with a chalkboard. Technology now underpins virtually every sector and education is no exception. The Internet is now the principal enabling mechanism by which students assemble, spread ideas and sow economic opportunities. Education data has become a hot topic in a quest to transform the manner in which students learn. According to Steven Ross, a professor at the Centre for Research and Reform in Education at Johns Hopkins University, the use of data to customise education for students will be the key driver for learning in the future[1].This technological revolution has resulted in a surge of online learning courses accessible to anyone with a smart device. A two-year assessment of the massive open online courses (MOOCs) created by HarvardX and MITxrevealed that there were 1.7 million course entries in the 68 MOOC [2].This translates to about 1 million unique participants, who on average engage with 1.7 courses each. This equity of education is undoubtedly providing vast opportunities for students around the globe and improving their access to education. With more than half a million apps to choose from on different platforms such as the iOS and Android, both teachers and students can obtain digital resources on any subject. As education progresses in the digital era, here are some considerations for educational institutions to consider: Scale and security The emergence of a smogasborad of MOOC providers, such as Coursera and edX, have challenged the traditional, geographical and technological boundaries of education today. Digital learning will continue to grow driving the demand for seamless and user friendly learning environments. In addition, technological advancements in education offers new opportunities for government and enterprises. It will be most effective if provided these organisations have the ability to rapidly scale and adapt to an all new digital world – having information services easily available, accessible and secured. Many educational institutions have just as many users as those in large multinational corporations and are faced with the issue of scale when delivering applications. The aim now is no longer about how to get fast connection for students, but how quickly content can be provisioned and served and how seamless the user experience can be. No longer can traditional methods provide our customers with the horizontal scaling needed. They require an intelligent and flexible framework to deploy and manage applications and resources. Hence, having an application-centric infrastructure in place to accelerate the roll-out of curriculum to its user base, is critical in addition to securing user access and traffic in the overall environment. Ensuring connectivity We live in a Gen-Y world that demands a high level of convenience and speed from practically everyone and anything. This demand for convenience has brought about reform and revolutionised the way education is delivered to students. Furthermore, the Internet of things (IoT), has introduced a whole new raft of ways in which teachers can educate their students. Whether teaching and learning is via connected devices such as a Smart Board or iPad, seamless access to data and content have never been more pertinent than now. With the increasing reliance on Internet bandwidth, textbooks are no longer the primary means of educating, given that students are becoming more web oriented. The shift helps educational institutes to better personalise the curriculum based on data garnered from students and their work. Duty of care As the cloud continues to test and transform the realms of education around the world, educational institutions are opting for a centralised services model, where they can easily select the services they want delivered to students to enhance their learning experience. Hence, educational institutions have a duty of care around the type of content accessed and how it is obtained by students. They can enforce acceptable use policies by only delivering content that is useful to the curriculum, with strong user identification and access policies in place. By securing the app, malware and viruses can be mitigated from the institute’s environment. From an outbound perspective, educators can be assured that students are only getting the content they are meant to get access to. F5 has the answer BIG-IP LTM acts as the bedrock for educational organisations to provision, optimise and deliver its services. It provides the ability to publish applications out to the Internet in a quickly and timely manner within a controlled and secured environment. F5 crucially provides both the performance and the horizontal scaling required to meet the highest levels of throughput. At the same time, BIG-IP APM provides schools with the ability to leverage virtual desktop infrastructure (VDI) applications downstream, scale up and down and not have to install costly VDI gateways on site, whilst centralising the security decisions that come with it. As part of this, custom iApps can be developed to rapidly and consistently deliver, as well as reconfigure the applications that are published out to the Internet in a secure, seamless and manageable way. BIG-IP Application Security Manager (ASM) provides an application layer security to protect vital educational assets, as well as the applications and content being continuously published. ASM allows educational institutes to tailor security profiles that fit like a glove to wrap seamlessly around every application. It also gives a level of assurance that all applications are delivered in a secure manner. Education tomorrow It is hard not to feel the profound impact that technology has on education. Technology in the digital era has created a new level of personalised learning. The time is ripe for the digitisation of education, but the integrity of the process demands the presence of technology being at the forefront, so as to ensure the security, scalability and delivery of content and data. The equity of education that technology offers, helps with addressing factors such as access to education, language, affordability, distance, and equality. Furthermore, it eliminates geographical boundaries by enabling the mass delivery of quality education with the right policies in place. [1] http://www.wsj.com/articles/SB10001424052702304756104579451241225610478 [2] http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2586847
Snapshot capability of VE Guests on VCMP
Hi all, I wish to investigate on the backup/restore capcacity beyond ucs backup. With VEs running on VMWare we can take adavantage of VMWare's snapshot capability to have images of the VE before we operate on it. Are there similar capabilities available on my 5250V/VCMP? Cheers, Gabe
LDAPS Monitor with Certificate Expiration
Hi Team, I have been working with my AD team trying to resolve a problem where they forget to update a Domain Controller certificate and it expires and ADLDAPS queries fail since they dont bind to expired certificates. They have requested to see if we can drop a member out of the pool if the certificate is expired ( ie, not a valid SSL cert ) I have been messing with the LDAP Health monitor, turning on the Security settings, but I dont believe this would actually check that a certificate is valid or not. I know with server side SSL configuration you can enable SSL authentication but would just stop traffic from flow, not actually drop a member out of the pool. Any ideas ?
Sharepoint 2010 Health Monitor
I have an HTTP GET health monitor setup for our Sharepoint 2010 servers. The health montior seems to work as I am seeing 200s come back from the server after authentication. However, what I'm also seeing is the health monitor sending along several GETs without the NTLM credentials and those come back with 401 authentication errors: Logs from Sharepoint server...top two are not successful as the LTM did not send along the credentials of PPL\spsearchqa. Bottom two are successful with the creds: 2015-04-24 13:48:04 xxx.xxx.xxx.xxx GET /sitepages/Home.aspx - 80 - xxx.xxx.xxx.xxx Mozilla/5.0+(Windows+NT+5.1;+rv:2.0.1)+Gecko/20100101+Firefox/4.0.1 401 2 5 5 2015-04-24 13:48:04 xxx.xxx.xxx.xxx GET /sitepages/Home.aspx - 80 - xxx.xxx.xxx.xxx Mozilla/5.0+(Windows+NT+5.1;+rv:2.0.1)+Gecko/20100101+Firefox/4.0.1 401 1 2148074254 5 2015-04-24 13:48:08 xxx.xxx.xxx.xxx GET /sitepages/Home.aspx - 80 PPL\spsearchqa xxx.xxx.xxx.xxx Mozilla/5.0+(Windows+NT+5.1;+rv:2.0.1)+Gecko/20100101+Firefox/4.0.1 200 0 64 12045 2015-04-24 13:48:14 xxx.xxx.xxx.xxx GET /sitepages/Home.aspx - 80 PPL\spsearchqa xxx.xxx.xxx.xxx Mozilla/5.0+(Windows+NT+5.1;+rv:2.0.1)+Gecko/20100101+Firefox/4.0.1 200 0 64 10075 Here is how my health monitor is setup: Any help would be very much appreciated. Thank you!GTM Internal and External View configuration
Hi Team, One of our customer requirement is to configure GTM as DNS server for both external user and internal user. Few of the records are common for both internal and external user but ip address are different. eg : abc.test2.com fqdn, 1.1.1.1 is ip address for external user and 2.2.2.2 is ip address for internal user. This is first time we are doing such internal and external view configuration on GTM, so we tested this first on lab env. On over lab setup we created external view for test2.com with 172.16.1.1 as SOA and resource record for abc.test2.com (1.1.1.1) and created internal view for test2.com with 192.192.1.1 as SOA and resource record for abc.test2.com (2.2.2.2), we were able to create internal and external zone and resource record . But both View have both abc.test2.com (1.1.1.1) and abc.test2.com (2.2.2.2) record, also internal view SOA is overwritten with 172.16.1.1(external view IP). Please help me how to configure internal and external view. Below are screenshot taken from view and zone. External view Internal view View list Zone list Thanks, Sachin
