best practices
4 Topics

Baseline security
Hi Techies, I am on top of an ongoing implementation project of F5 infrastructure that includes all the top modules. We are in the process of setting up a new service model mainly around WAF (ASM) for our client. This is a new service for us and lots of things are planned to establish the service. We already have a Global Target Operating Model (TOM) and Incident process etc., and I was also asked to prepare a Security Baseline for F5 ASM. Could you guys please guide me on how I can start on this? Are there any security baseline standards (maybe generic) from F5? I thought of starting with the OWASP Top 10 as a base and mapping this to the ASM configuration. Any thoughts on this please? Cheers Vijith
599 Views, 0 likes, 3 Comments

Best Practice - Maintenance Pages when LB_Failed
Hey Guys, Historically we have provided our users with the below iRule to throw up a maintenance page when the pool/members fail. We have been caught out just recently when a dozen sites got updated pools but due to user/admin error no one updated the maintenance page iRule. The servers in the old pools got decommissioned and an error page was thrown.

when HTTP_REQUEST { if {[active_members Pool-old-pool-name] < 1 } { HTTP::respond 200 content "

I have been investigating a better method to do this without directly referencing the pool name. I was looking at and testing in our PreProduction environment the event LB_FAILED but ran into truncated responses and was given this reference article via F5 support ( http://support.f5.com/kb/en-us/solutions/public/9000/400/sol9456.html ). So that means that avenue is closed. What is the best practise for error pages without directly referencing the pool name? Thanks
516 Views, 0 likes, 6 Comments

Question about Pools
I'm at a new job where I have inherited an existing F5 cluster to manage. I've never managed F5s before. My understanding of pools based on my previous experience with Kemp HLBs is that they're primarily a collection of real servers. In the F5 environment I have inherited, many pool names include a port number or protocol name. This threw me off, because I always thought that the port/protocol only factors in at the Virtual Server level. My question is: Do pools have any exposure to port number or protocol? Any good reasons why the previous admins might have named them in this way?
Solved, 406 Views, 0 likes, 4 Comments

Upgrading from 11.5.3 to 12.1.0 do's and don'ts
I have a request from a customer to upgrade their F5 from 11.5.3 to 12.1.0. I wanted to ask if there are any do's or don'ts to ensure this goes as smoothly as possible. Is there any kind of best practice for this or is it as simple and cut and dry as it seems? Do I need to reactivate the licensing afterwards? Any and all information or guidance is very much appreciated.
252 Views, 0 likes, 3 Comments