DevCentral Relaunch Commencing
The last few years here at DevCentral we've seen fantastic growth and it's thanks to all of you! We've talked with you at industry events, on the streets, at user groups, and online in the community. Your message is loud and clear. You want more. We're getting ready to do just that and here's what you'll see coming very soon. Changing Launch Platforms To meet your global needs and provide new and supportable capabilities, we decided to change platforms. That's a big undertaking especially since we made the crazy and obvious decision to bring along all of the content with us. That's right, we're bringing what makes DevCentral great along with us. We're bringing over: All of the articles All of your questions and answers Your fantastic codeshare repository All of you, our users and your DevPoints Your user-to-content relationships - this one was tough, but we made it A community is only as good as its members, so our first responsibility was preserving your contributions on our new platform. To offer anything less would be a disservice to you and your participation. Thank you for being part of what makes DevCentral great. A Fresh Coat of Paint The primary goal with our platform switch was to ensure a successful content migration, but that's no fun without some improvements to the user interface. We worked at improving your engagement with questions, codeshare, and with each other. Out of the gate you'll see: Content preferences to tailor your home page experience Preset filters to get you content you want to read More content per page Improved replying and interaction in questions Improved User Profile with better following & bookmarking features Private user messaging (that works) And so much more... We could keep going but it's easier to say we improved the DevCentral experience from top to bottom and we'll continue to do so with your feedback and our thanks. Flight Inspection Team Is Proceeding to The Launch Pad The DevCentral team is hard at work in our last phase of verification and are excited to show you what we'e been working on. We will follow up with you regarding how we're going to manage API documentation next week but won't stop there. This whole process and program from start to finish is for you and thanks to you the DevCentral Community. We'll continue to do great things together and are quite excited to keep on growing. Main Engine Start in T Minus....I Am an Application Delivery Fundamentalist!
Fun and a little mental. If you’ve been following along the DevCentral team’s journey toward F5 Certification, then you may be aware that we were in Chicago last week for F5’s Agility 2016 conference and took our 101 Application Delivery Fundamentals exam. I am happy to report that all of us, Jason, John, Chase and I, passed our exams. I gotta tell you, it’s a relief since I didn’t want to title this article, 'Two Out of Three Ain’t Bad.' Good song but wanted to avoid that. We started this excursion back in April (me in March) with the team deciding to create a study group. Each week we’d tackle a topic with the guidance of Eric Mitchell’s excellent Study Guide. We worked through the sections and decided to test our luck with the Certification Team’s mobile testing center...with the pressure of passing during an F5 event. Imagine the slight pre-test anxiety going through our minds if we didn’t pass. ‘How long have you been at F5?’ the questions would have started. My mouth covering, embarrassing, face-palming, muffled response of, ’12 years,’ would not have been sufficient. As Ken told us on the way into the exam room, ‘I tell people it is either pass or fail…so don’t worry about your overall score.’ But he also added specifically to me, ‘You know if you fail, I will give you grief.’ No Pressure. Well, we were prepared and we all passed! Jason, John and I took the exam Tuesday morning. After registering and scheduling with Pearson Vue, we arrived at the mobile test center. You need to sign in and present two forms of ID, one with your picture. Even though the Certification team knew all of us, we still needed to follow the procedure, no exceptions. We liked that we had no special treatment – other than the ‘hello’ hugs – and had to process and pass fair and square. We were seated in different areas since the exam room was fairly full when we entered. The moderator helped each of us get to the proper test associated with our registration and the timer started. For the 101, you have 90 minutes to answer 80 questions. At 23 minutes in, Jason got up and was finished. ‘Wa?!?’ as I look up seeing him walk by, ‘I’m only on question 28!’ I lamented. At least John was still there and I kept an eye on my time and question count the rest of the way. But I also told myself, ‘I’m in no hurry and if I need the full 90 minutes, I’ll take it to the last tick.’ John finished about a 40 minutes later and I was left for the last 30 to myself. With 10 minutes left, I was done but took that remaining time to review my answers. One tip: you can flag questions for review during the test or make comments for yourself as you move along. Close out the ones you know and go back for the more challenging questions. In the end I think I changed 3 answers. No idea if it swayed the results either way. When you are done, you walk back to the registration room and your preliminary results are already waiting. I felt a quiver when Heidi glanced at my results and gave that ‘I’m sorry,’ look. But that was soon turned to glee as I read, ‘you have Passed.’ We were 3 for 3. Chase took the test on Wednesday and also passed. I feel it was a very fair test to determine one’s basic application delivery knowledge. Some networking, some security, some infrastructure. And although we did prepare, it was still a challenging test. These exams are not supposed to be cake-walks but a good way to measure your knowledge around a certain topic. While we passed and may be certifiable in our own right, we are not ‘officially’ F5 Certified. That comes with the 201 exam. The 201-TMOS Administration exam is the second exam required to achieve Certified F5 BIG-IP Administrator status. Candidates must have passed the 101-Application Delivery Fundamentals exam in order to be eligible for the 201 exam. And wouldn’t you know it, we’re all now shooting for the 201. We plan on doing the team study again but we’ll also need to dig into some on box time for this one. I plan on keeping you posted for the 201 but for now, I’ll just bask in my 101 glory. Phew! ps Related: Jumping on the Rails of the Technical Train Let the Training Begin! The Road to F5 Certification DevCentral at F5 Agility 2016Q/A with Rackspace Network Architect Vijay Emarose - DevCentral's Featured Member for November
Koman Vijay Emarose works as a Network Architect with the Strategic Accounts team at Rackspace. He has been a “Racker” (Rackspace Employee) for 7+ years and currently he is adapting to a networking world that is pivoting towards a world of automation. In Odaah's free time, he likes to identify DevCentral site bugs, incessantly torment Chase Abbott to fix them – particularly the badges and he is DevCentral’s Featured Member for November! Vijay's other hobbies include traveling and has been to more than eleven countries and looking to increase that number in the future. Personal finance blogs and binge watching documentaries are his guilty pleasures. DevCentral got an opportunity to talk with Vijay about his work, life and blog. DevCentral: You’ve been an active contributor to the DevCentral community and wondered what keeps you involved? Vijay Emarose: I have been a passive DevCentral user for quite a while and relied heavily on DevCentral to improve my iRule skills. The continued support for DevCentral community among F5 employees and other BIG-IP administrators provided me with the motivation to start sharing the knowledge that I have gained over the years. Answering questions raised by other members helps me to reinforce my knowledge and opens me up to alternate solutions that I had not considered. Rest assured, I will strive to keep the momentum going. DC: Tell us a little about the areas of BIG-IP expertise you have. VE: I started working on F5 during the transition period from 9.x to 10.x code version in 2010. BIG-IP LTM & GTM are my strong points. I have some experience with AFM, APM and ASM but not as much as I would like. Working with clients of various sizes from small scale to large enterprises at Rackspace, exposed me to a wide variety of F5 platforms from the 1600s to the VIPRION. I am sporadically active in the LinkedIn Community for F5 Certified Professionals. I had taken the beta versions of the F5 Certification exams and I am currently an F5 Certified Technology Specialist in LTM & GTM. I am eagerly looking forward to the upcoming F5 402 Exam. I have been fortunate enough to work with the F5 Certification Team (Ken Salchow, Heidi Schreifels, et al) in the Item Development Workshop (IDW) for F5’s 201 TMOS Administration Certification Exam and it was an eye-opener to understand the amount of thought and effort that goes into creating a certification exam. The 2016 F5 Agility in Chicago was my very first F5 Agility conference and I enjoyed meeting with and learning from Jason Rahm, Chase Abbott and other DevCentral members. I look forward to participating in future F5 Agility Conferences. DC: You are a Network Architect with Rackspace, the largest managed cloud provider. Where does BIG-IP fit in the services you offer or within your own infrastructure? VE: Rackspace is a leader in the Gartner Magic Quadrant for Cloud Enabled Managed Hosting and participates in the F5 UNITY Managed Service Provider Partner Program at the Global Gold Level. Various F5 platforms from the 1600s to the VIPRIONS are offered to customers requiring a dedicated ADC depending on their requirements. LTM & GTM are widely supported. In the past, I have been a member of the RackConnect Product team within Rackspace. “RackConnect” is a product that allows automated hybrid connections between a customer’s dedicated environment and Rackspace’s public cloud. F5 platforms were utilized as the gateway devices in this product. There is a DevCentral article on RackConnect by Lori MacVittie. I would like to take this opportunity to thank the F5 employees who support Rackspace that I have had the pleasure of working with - Richard Tocci, Scott Huddy and Kurt Lanthier. They have been of massive help to me whenever I required clarification or assistance with F5. DC: Your blog, Network-Maven.com, documents your experiences in the field of Network Engineering, Application Delivery, Security and Cloud Computing. What are some of the highlights that the community might find interesting? VE: This is a recent blog that I started to share my knowledge and experience working in the Networking field. Application Delivery Controllers are a niche area within Networking and I was fortunate enough to learn from some of the best at Rackspace. My idea is to share some of my experiences that could potentially help someone new to the field. Working with thousands of customer environments running different code versions on various F5 platforms has provided me with a rich variety of experience that could be of help to fellow F5 aficionados who are executing an F5 maintenance or implementing a new feature/function in their F5 environments. DC: Describe one of your biggest challenges and how DevCentral helped in that situation. VE: DevCentral has been a great resource for me on multiple occasions and it is tough to pinpoint a single challenge. I rely on it to learn from other’s experiences and to develop my iRule and iControl REST skills. I have benefited from the iRule: 20 Lines or Less series and I am an avid follower of the articles published by community members. For someone starting new with F5, I would certainly recommend following the articles and catching up on the iRules: 20 Lines or less series. DC: Lastly, if you weren’t working in IT – what would be your dream job? VE: I haven’t figured it out yet. Tech, finance & travel interest me. May be some combination of these interests would be the answer. DC: Thanks Vijay and congratulations! You can find Vijay on LinkedIn, check out his DevCentral contributions and follow @Rackspace. Related: Q/A with Yann Desmarest - DevCentral's Featured Member for July Q/A with SpringCM's Joel Newton - DevCentral's Featured Member for August Q/A with Secure-24's Josh Becigneul - DevCentral's Featured Member for September Q/A with ExITeam’s Security Engineer Stanislas Piron - DevCentral's Featured Member for OctoberF5 DevCentral Solves Your BIG-IP Questions
In this lively chat at #F5Agility15, DevCentral members Joe Pruitt and Tony Hynes share a little history of how it has grown from a single server in 2003 to over 200,000 members today; how iRules, iControl, iCall and iControl interact with BIG-IP’s programmability features and how the community helps solve, share and answer some of the challenges of today’s hybrid environments. They also highlight the MVP program and some of the new personal customization coming soon. ps Related: F5Agility15 - The Preview Video Welcome to F5 Agility 2015 Innovate, Expand, Deliver with F5 CEO Manny Rivelo Get F5 Certified at F5 Agility 2015 Software Defined Data Center Made Easy with F5 and VMware F5 Agility 2015 Technorati Tags: f5,agility,f5agility15,devcentral,programmibility,irules,automation,silva,video,conference Connect with Peter: Connect with F5:Blog Roll 2013
It’s that time of year when we gift and re-gift, just like this text from last year. And the perfect opportunity to re-post, re-purpose and re-use all my 2013 blog entries. If you missed any of the 112 attempts including 67 videos, here they are wrapped in one simple entry. I read somewhere that lists in blogs are good. This year I broke it out by month to see what was happening at the time and let's be honest, pure self promotion. Thanks for reading and watching throughout 2013. Have a Safe and Happy New Year. January Is TV's Warm Glowing Warming Glow Fading? Lost Records a Day Shows Doctors are Blasé Inside Look - Enterprise Manager v3.1 HELLO, My Name is Cloud_009... Security Bloggers Network Voting Solving Substantiation with SAML In 5 Minutes or Less: BIG-IP Advanced Firewall Manager Inside Look - SAML Federation with BIG-IP APM February Inside Look - BIG-IP Advanced Firewall Manager 16 Racks (16 Tons Parody) Is BYO Already D? In 5 Minutes Guest Edition - BIG-IP LTM Integration with Quarri POQ BYOD 2.0 – Moving Beyond MDM with F5 Mobile App Manager Inside Look - F5 Mobile App Manager Inside Look: BIG-IP ASM Botnet and Web Scraping Protection RSA2013: Aloha from RSA RSA2013: Find F5 RSA2013: Gimme 90 Seconds Security Edition RSA2013: Partner Spotlight – Websense RSA2013: Partner Spotlight – Quarri RSA2013: F5 RSA Security Trends Survey RSA2013: BIG-IP SSL/TLS Services RSA2013: BIG-IP DNS Services RSA2013: Interview with Jeremiah Grossman RSA2013: That’s a Wrap March Pulse2013 - Find F5 Pulse2013 – Gimme 90 Seconds: IBM Edition Pulse2013 – BIG-IP ASM & IBM InfoSphere Guardium Pulse2013 – IBM Maximo Optimization & SSO with BIG-IP APM Pulse2013 – That’s a Wrap RSA2013 & Pulse2013 - The Video Outtakes Pulse2013 - IBM Technology Evangelist Kathy Zeidenstein This Blog May Have Jumped the Shark Every Day is a 0-Day Nowadays Q. The Safest Mobile Device? A. Depends April Mobile Threats Rise 261% in Perspective Ride The Crime Coaster Conversation with One of CloudNOW’s Top 10 Women: Lori MacVittie Most of the Time We Get it Wrong The Prosecution Calls Your Smartphone to the Stand Targets of Opportunity F5 Tech Talk - Streamline, Secure and Optimize XA and XD Deployments May Interop2013: Find F5 Interop2013: DDoS'ing Interop Interop2013: F5 Certification Program Interop2013: BIG-IQ Cloud Interop2013: Partner Spotlight - Big Switch Networks Interop2013: Partner Spotlight – ICSA Labs Interop2013: DDoS'ing Interop Follow Up Interop2013: That's a Wrap 50/50 Odds for BYOD Interop2013: The Video Outtakes FedRAMP Federates Further iRules - Is There Anything You Can't Do? June TechEd2013 – Find F5 TechEd2013 – Network Virtualization & Cloud Solutions TechEd2013 – Secure Windows Azure Access TechEd2013 – The Top 5 Questions TechEd2013 – NVGRE with Microsoft’s System Center 2012 VMM (feat. Korock) TechEd2013 – Gimme 90 Seconds Betcha Didn’t Know Edition (feat. Simpson) TechEd2013 – That’s a Wrap TechEd2013 – The Video Outtakes Small Business is a Big Target Is 2013 Half Empty or Half Full? Inside Look - PCoIP Proxy for VMware Horizon View In 5 Minutes or Less - PCoIP Proxy for VMware Horizon View BYOD Behavior - Size Does Matter July The First Six Remix BYOD - More Than an IT Issue BYOD 2.0 -- Moving Beyond MDM 20,000 For Every 1 Big Data Getting Attention Corporate Mobile Data and BYOD Infographic(s) August Hackable Homes Back to School BYOB Style DNS Doldrums VMworld2013 - Find F5 VMworld2013 - F5 VMware Alliance VMworld2013 - Defy Convention VMworld2013 - VMware NSX VMworld2013 - vCenter Orchestrator VMworld2013 - That's a Wrap VMworld2013 - The Video Outtakes September You Got a Minute? Are You Ready For Some...Technology!! The Malware Mess World's Biggest Data Breaches [Infographic] BIG-IP Edge Client v1.0.6 for iOS 7 BYOD Injuries October Bring Your Own A-Z The Hacker Will See You Now The Million Mobile Malware March Privacy for a Price Identity Theft Hits Close to Home November DNS Does the Job F5 Synthesis: The Reference Architectures AWS re:Invent 2013 – Find F5 AWS re:Invent 2013 - Cloud Bursting Reference Architecture (feat. Pearce) AWS re:Invent 2013 – Cloud Migration Reference Architecture (feat. Pearce) AWS re:Invent 2013 – F5 AWS Solutions (feat. Pearce & Huang) AWS re:Invent 2013 – Cloud Federation Reference Architecture (feat. Pearce) AWS re:Invent 2013 – LineRate Systems (feat. Moshiri) AWS re:Invent 2013 – That’s a Wrap AWS re:Invent 2013 – The Video Outtakes Behind the 'ALOHA!' December The Top 10, Top 10 Predictions for 2014 Gartner Data Center 2013: Find F5 GartnerDC 2013: DDoS Reference Architecture (feat. Holmes) GartnerDC 2013: Application Services Reference Architecture (feat. Haynes) GartnerDC 2013: Intelligent DNS Scale Reference Architecture (feat Silva) GartnerDC 2013: That’s a Wrap GartnerDC 2013: The Video Outtakes And a couple special holiday themed entries from years past. e-card Malware X marks the Games ps Related Blog Roll 2011 Blog Roll 2012 Connect with Peter: Connect with F5: Technorati Tags: f5,devcentral,blogs,silva,social media,2013,video,cloud,security,mobile750th Blog Spectacular - Lessons of the LightBoard
I recently built out a LightBoard Studio for my home office so I can start contributing to the awesome LightBoard Lessons on DevCentral. These are short, informative videos explaining various technologies and often, how to implement on a BIG-IP system. Instead of writing on a whiteboard and looking over your shoulder into the camera as you explain something, Lightboards allow you to draw on and look through the crystal clear glass (into the camera) while discussing technical concepts. A transparent whiteboard. The LEDs that surround the glass accompanied with neon markers make the images pop. It’s pretty darn cool. So the story goes, a college professor was looking for a better way to deliver lessons to his students both on campus and online without a chalkboard. He called it the Learning Glass and now there are Lightboards all over the world, especially in universities. Incidentally, there is cool video of Picasso painting on glass from 1949. He had the right idea. You may have read or watched Jason & John’s Lightboard Lessons: Behind the Scenes and I wanted to report on my own experiences. First, I followed Jason’s bill of materials (except the camera) and it provides most everything you need to get started. I initially thought about a 3’ x 5’ pane of glass due to my smaller venue but couldn’t find an appropriate frame for that size. Well, to be clear, there may have been one but it was way outside my budget. I looked at various saw horses, ladder frames and other apparatus thinking I could ‘make’ something that could properly hold the glass in place. No dice. So I decided to go a little larger with the 4’ x 6’ size since there is a frame specifically built for this purpose. Rahm is correct about ordering the frame first since you’ll need to carefully measure the mounting holes so the glass can be drilled perfectly. It also takes a few weeks to order and have the glass delivered - at least in my area. This was fine since it allowed me to set up the other equipment like the lights, back drop and camera location. In addition, make sure you have the delivery folks help you place it on the frame…depending on the size, this is not a pick up and install yourself deal. The glass is large, heavy and certainly needs a few people to carry and properly align with the holes. Once the glass is installed (and cleaned) you can wrap the LEDs around the edge. There are a couple ways to go with this step. You could use large binder clips to hold the lights at the edge or, like Jason, I got 3/8” shower u-channels to go around the glass and hold the lights in place. Instead of silicon to hold the u-channel, I used clamp clips to hold the outer metal. This allows me to easily change and adjust the LEDs if needed. The Expo Neon markers do make a greasy mess and I’ve got the same Sprayway glass cleaner. I also got one of those magic erasers to help clean and old hotel room keys work well on dried ink. It’s not that difficult to have a clean slate but any smudges will certainly appear if it’s not sparkle-city. This week I’ll be moving around the lights and doing some test shots for audio and visual screen tests and look forward to publishing my first LightBoard Lesson very soon. Shooting for next week if all tests go well. I’m excited. It’s always been a dream of mine to have a home studio. Some guys want a man-cave, some want a game room, others a high end home theatre or a rack of computer equipment. Me? A studio. And for my 750th DevCentral article I wanted to say: Thanks Gang!! psBlog Roll 2017
It’s that time of year when we gift and re-gift, just like this text from last year. And the perfect opportunity to re-post, re-purpose and re-use all my 2017 entries. If you missed any of the 64 attempts including 16 videos, here they are wrapped in one simple entry. I read somewhere that lists in articles are good. I broke it out by month to see what was happening at the time and let's be honest, pure self-promotion. Check out our Featured Members for the year, dig into June's Cloud Month, catch up on some #Basics or sit back and watch some cool Lightboard videos. I truly appreciate your engagement throughout 2017 and Have a Safe and Happy New Year! January 2017 OK 2017, Now What? Lightboard Lessons: What is MQTT? Deploy BIG-IP VE in AWS What is Load Balancing? What is an Application Delivery Controller - Part I What is an Application Delivery Controller - Part II February Q/A with itacs GmbH's Kai Wilke - DevCentral's Featured Member for February What is DNS? Security Trends in 2016: Securing the Internet of Things Lightboard Lessons: IoT on BIG-IP Shared Authentication Domains on BIG-IP APM What to Expect in 2017: Mobile Device Security March Q/A with Admiral Group's Jinshu Peethambaran - DevCentral's Featured Member for March What is Virtual Desktop Infrastructure (VDI) Social Login to Enterprise Apps using BIG-IP & OAuth 2.0 Lightboard Lessons: What is a Proxy? Protecting API Access with BIG-IP using OAuth What is a Proxy? Lightboard Lessons: Service Consolidation on BIG-IP April Q/A with Betsson's Patrik Jonsson - DevCentral's Featured Member for April Deploy BIG-IP VE in Microsoft Azure Using an ARM Template High Availability Groups on BIG-IP Lightboard Lessons: The BIG-IP Profiles Configure HA Groups on BIG-IP May DevCentral’s Featured Member for May – NTT Security’s Leonardo Souza Deploying F5’s Web Application Firewall in Microsoft Azure Security Center Lightboard Lessons: What is BIG-IP? Updating an Auto-Scaled BIG-IP VE WAF in AWS Device Discovery on BIG-IQ 5.1 June Cloud Month on DevCentral DevCentral Cloud Month - Week Two DevCentral Cloud Month - Week Three DevCentral Cloud Month - Week Four DevCentral Cloud Month - Week Five DevCentral Cloud Month Wrap July DevCentral’s Featured Member for July – Vosko Networking’s Niels van Sluis BIG-IP VE on Google Cloud Platform Is 2017 Half Empty or Half Full? (F5 Newsroom) Lightboard Lessons: Attack Mitigation with F5 Silverline Lightboard Lessons: What is BIG-IP APM? August DevCentral’s Featured Member for August – Piotr Lewandowski Create a BIG-IP HA Pair in Azure I’ve Successfully Failed the F5 Certification 201-TMOS Administration Exam Lightboard Lessons: BIG-IP ASM Layered Policies Deploy an Auto-Scaled BIG-IP VE WAF in AWS Lightboard Lessons: What is BIG-IQ? September DevCentral’s Featured Member for September – Rob Carr Automatically Update your BIG-IP Pool Using the Service Discovery iApp Lightboard Lessons: What is HTTP? October DevCentral’s Featured Member for October – Jad Tabbara Lightboard Lessons: Connecting Cars with BIG-IP Legacy Application SSO with BIG-IP and Okta Selective Compression on BIG-IP Lightboard Lessons: What are Bots? Prevent a Spoof of an X-Forwarded-For Request with BIG-IP November DevCentral’s Featured Member for November – Nathan Britton Lightboard Lessons: What is DDoS? VDI Gateway Federation with BIG-IP Post of the Week: BIG-IP Policy Sync Mitigate L7 DDoS with BIG-IP ASM The OWASP Top 10 - 2017 vs. BIG-IP ASM December DevCentral's Featured Member for December - Kevin Davies F5 Certified Practice Exams The Top 10, Top 10 Predictions for 2018 (F5 Newsroom) Post of the Week: SSL on a Virtual Server ps The History Blog Roll 2016 Blog Roll 2015 Blog Roll 2014 Blog Roll 2013 Blog Roll 2012 Blog Roll 2011OK 2017, Now What?
The Year of the (Fire) Rooster will soon be upon us and the talkative, outspoken, frank, open, honest, and loyal Rooster could influence events in 2017. Whether you were born under the symbol or not, Roosters strive on trust and responsibility, essential for any organization especially in these times. 2016 (Year of the Monkey) brought us a crazy year of high profile breaches, a 500% increase in ransomware, a 0-day per day and slick malware each looking to cause havoc on all parts of society including your mobile device. The monkey’s shenanigans exhausted many of us in 2016 and 2017 will require some quick thinking and practical solutions to battle the ongoing, ever-growing threats. A year ago I noted, Mobility, both the state of being and the devices we use, will continue to grow and be an immense enabler and/or inhibitor for organizations. Today, we are the devices, controllers and data generators and we’re interacting, even socially, with a growing list of robots and objects. Security continues to flummox folks both from a development standpoint – talking to you IoT manufacturers – and from a purely personal realm. The more connected devices we have in and around our lives, homes and offices the more opportunities for the bad guys to take advantage. This is sure to continue as our digital, software-defined lives connect and intersect with the things around us. We’ll likely see a number of significant IoT security discussions coming out of CES this week too with cars and robots the starring attraction this year. And as our lives – personal and professional – continue to be chronicled on the internet, the various thieves, nation states, and activists will continue to be one step ahead, probing data and looking for that golden slab of info. Making money, causing disruptions, or orchestrating outright take-downs through online attacks are big motivations for those seeking notoriety or simply a big score. But it’s not always from the crook or spy half a globe away. Insider threats, malicious or not, have made traditional concepts of the perimeter almost useless. Here at DevCentral, our community is ready to help you through many of your most challenging application delivery endeavors this year. Like the rooster, we aim to be open and honest about how to accomplish a task with BIG-IP...including when it cannot do something. In recent weeks we’ve posted mitigations for Mirai bots, the recent PHP 0-days, along with a bunch of iControlREST solutions and an excellent article from Kevin Stewart about TLS Fingerprinting. And we look forward to answering your most perplexing BIG-IP questions. Also our very own Jason Rahm passed his Exam 201 - TMOS Administration so make sure you hit him up for some of your harder questions. The rest of the team will be looking to take the F5 Certified 201 sometime this quarter. While trends like cloud, mobility, IoT, DevOps and big data will consume your attention, securing those trends and how they map to business objectives will come to roost in 2017 and DevCentral is here to help. Let’s try to be smart, practical, open and honest about our challenges and guard against the vain, boastful and attention grabbing bad guys trying to get the best of us. The 2017 Rooster arrives January 28, 2017 and we’ll need to be prepared and stay calm when the proverbial fan starts spinning. ps Related: OK 2016, Now What? OK 2015, Now What? OK 2014, Now WhatA Different Kind of Spamalot
Those familiar with Monty Python might appreciate this dialog in song from the musical... Customer: What have you got? Waitress: Well, there's egg and bacon, egg sausage and bacon Egg and spam Egg, bacon and spam Egg, bacon, sausage and spam Spam, bacon, sausage and spam Spam, egg, spam, spam, bacon and spam Spam, sausage, spam, spam, spam, bacon, spam tomato and spam Spam, spam, spam, egg and spam Spam, spam, spam, spam, spam, spam, baked beans, spam, spam, spam and spam. Customer's Wife: Have you got anything without spam? Waitress: Well, the spam, eggs, sausage and spam That's not got much spam in it Customer's Wife: I don’t want any spam! Lots of spam, that undesirable, loathsome spam. I think we all sympathize with the wife here. Certainly the DevCentral team does, as we’ve been dealing with a very persistent spammer over the last month. It’s nothing new, every site that promotes and encourages community (and many that don’t) has to deal with the lunatic fringe of the marketing world. To that end, we’d like to offer our sincerest apologies for the unsightly commentary in the Q&A section of our community, and the unfortunate side effect of your subscriptions resulting in the spam reaching your inboxes. No one wants to receive that mess, and we are grieved to have been a vessel for this distasteful marketing. But enough words, let’s talk actions. It’s a lot like chess. Matching wits with spammers, countering the queen’s gambit with albin or QG declined. But rest assured that we are not sitting idly by. We have enhanced and added several countermeasures that have extremely dampened the spirits of the evil devil spawn, to the point where his efforts now are but a mere trickle. We’ll continue to monitor, learn, adapt, and grow. In addition to the work we’ve done on our end, there is something you can do as well to help. You can flag posts that are clearly spam (or offensive or inappropriate) as shown in the image below. Given the new counter measures, there is a slight risk that a false positive will occur and something you post might be flagged as spam. If this happens, please notify us immediately at devcentral@f5.com and we’ll work diligently to resolve the issue. Thanks for all you do to make this community great and for seeing us through this spam issue.RSA Security Octagon: What's the Best Way to Secure Applications?
We're doing something a little different this year at #RSA with a Security Octagon. Everyone loves a good debate and in the security community discussions pop up constantly around a myriad of topics at any given point - with individuals or groups in the community taking opposing sides in these quarrels. While we’re not looking for a knock-down drag out geek fight, we are looking for a spirited debate in hopes of engaging with security pros to lend their support and opinions to the topic. In the first debate we focus on the topic of application security. Is application security just secure coding or is it more than that? Preston Hogue from F5 and Jeremiah Grossman from WhiteHat Security are our first participants to discuss 'What's the Best Way to Secure Applications?' How can you play along? Visit https://f5.com/securityoctagon to cast your vote and comment on the discussion. 1. Make sure to use the appropriate #hashtag: a. #TeamGrossman b. #TeamHogue 2. Can’t pick a camp to support, promote the program overall: a. #SecOctagon If you're at RSA, visit F5 booth 1515 and say 'Aloha' to DevCentral folks John Wagnon and Jason Rahm and ask how you can Integrate WhiteHat Scans With BIG-IP ASM. And a very special thanks to Jeremiah for participating this year. Always appreciate his security expertise. Enjoy the show! ps Connect with Peter: Connect with F5:
