BIG-IP Edge Client 2.0.2 for Android
Earlier this week F5 released our BIG-IP Edge Client for Android with support for the new Amazon Kindle Fire HD. You can grab it off Amazon instantly for your Android device. By supporting BIG-IP Edge Client on Kindle Fire products, F5 is helping businesses secure personal devices connecting to the corporate network, and helping end users be more productive so it’s perfect for BYOD deployments. The BIG-IP® Edge Client™ for all Android 4.x (Ice Cream Sandwich) or later devices secures and accelerates mobile device access to enterprise networks and applications using SSL VPN and optimization technologies. Access is provided as part of an enterprise deployment of F5 BIG-IP® Access Policy Manager™, Edge Gateway™, or FirePass™ SSL-VPN solutions. BIG-IP® Edge Client™ for all Android 4.x (Ice Cream Sandwich) Devices Features: Provides accelerated mobile access when used with F5 BIG-IP® Edge Gateway Automatically roams between networks to stay connected on the go Full Layer 3 network access to all your enterprise applications and files Supports multi-factor authentication with client certificate You can use a custom URL scheme to create Edge Client configurations, start and stop Edge Client BEFORE YOU DOWNLOAD OR USE THIS APPLICATION YOU MUST AGREE TO THE EULA HERE: http://www.f5.com/apps/android-help-portal/eula.html BEFORE YOU CONTACT F5 SUPPORT, PLEASE SEE: http://support.f5.com/kb/en-us/solutions/public/2000/600/sol2633.html If you have an iOS device, you can get the F5 BIG-IP Edge Client for Apple iOS which supports the iPhone, iPad and iPod Touch. We are also working on a Windows 8 client which will be ready for the Win8 general availability. ps Resources F5 BIG-IP Edge Client Samsung F5 BIG-IP Edge Client Rooted F5 BIG-IP Edge Client F5 BIG-IP Edge Portal for Apple iOS F5 BIG-IP Edge Client for Apple iOS F5 BIG-IP Edge apps for Android Securing iPhone and iPad Access to Corporate Web Applications – F5 Technical Brief Audio Tech Brief - Secure iPhone Access to Corporate Web Applications iDo Declare: iPhone with BIG-IP Technorati Tags: F5, infrastructure 2.0, integration, cloud connect, Pete Silva, security, business, education,technology, application delivery, ipad, cloud, context-aware,infrastructure 2.0, iPhone, web, internet, security,hardware, audio, whitepaper, apple, iTunesBlock access to apps by browser. Allow only iPhone or Android accesss
Customer has an application that they want access only through the mobile device app. They have recently found that the application can be accessed through any browser. We have configured the following iRule but it is not working: when HTTP_REQUEST { if { ([HTTP::header User-Agent] contains "iphone") or ([HTTP::header User-Agent] contains "Android") } { HTTP::redirecthttp://www.oursite.com} if { ([HTTP::header User-Agent] contains "(IE|Mozilla|Safari|Chrome|Opera)") } { drop } } Any ideas how to achieve this? Thanks
BIG-IP Edge Client v1.0.6 for iOS 7
With all your other iOS 7 updates (if you've made the plunge), if you are running the BIG-IP Edge Client on your iPhone, iPod or iPad, you may have gotten an AppStore alert for an update. If not, I just wanted to let you know that version 1.0.6 of the iOS Edge Client is available at the AppStore with iOS 7 support. Customers who use UDID in their access policies should have users update to this version. The BIG-IP Edge Client application from F5 Networks secures and accelerates mobile device access to enterprise networks and applications using SSL VPN and optimization technologies. Access is provided as part of an enterprise deployment of F5 BIG-IP Access Policy Manager, Edge Gateway, or FirePass SSL-VPN solutions. BIG-IP Edge Client for iOS Features: Provides accelerated mobile access when used with F5 BIG-IP Edge Gateway. Automatically roams between networks to stay connected on the go. Full Layer 3 network access to all your enterprise applications and files. ps Related: Manual: BIG-IP Edge Apps Client Compatibility Matrix BIG-IP Edge Client and BIG-IP Edge Portal for Apple iOS and Android software support policy Release Note: BIG-IP Edge Client for iOS 1.0.6 Advanced Edge Client Installation for Windows–The Mysteries of Windows Installer Revealed F5 BIG-IP Edge Client F5 BIG-IP Edge Portal F5 BIG-IP Edge Client for Android Technorati Tags: f5,big-ip,edge client,ssl-vpn,mobile,smartphone,ios7,apple,iphone,ipad,silva,remote access,security,secure access,apm Connect with Peter: Connect with F5:BIG-IP Edge Client v1.0.4 for iOS
If you are running the BIG-IP Edge Client on your iPhone, iPod or iPad, you may have gotten an AppStore alert for an update. If not, I just wanted to let you know that version 1.0.4 of the iOS Edge Client is available at the AppStore. The main updates in v1.0.4: IPv6 Support Localization New iPad Retina Graphics The BIG-IP Edge Client application from F5 Networks secures and accelerates mobile device access to enterprise networks and applications using SSL VPN and optimization technologies. Access is provided as part of an enterprise deployment of F5 BIG-IP Access Policy Manager, Edge Gateway, or FirePass SSL-VPN solutions. BIG-IP Edge Client for iOS Features: Provides accelerated mobile access when used with F5 BIG-IP Edge Gateway. Automatically roams between networks to stay connected on the go. Full Layer 3 network access to all your enterprise applications and files. I updated mine today without a problem. ps
Iphone error using APM SAML
Greeting all, I’ve federated with Office 365, I used an iApp () to accomplish it. It works as expected for internal and external clients, except for iPhones (current version of iOS). The iApp was modified to allow for Kerberos SSO internally. Externally it uses HTTP basic. I opened a case with F5 support and we did some packet captures to see what the clients were posting to the SAML IdP. With an Android, the pcap looks like this: The above pcap includes an Authorization header. The iPhone request is different, and does not include that header: According to F5 Support, since the Authorization Header is missing from the POST on the iphone, the APM throws a redirect and the client barfs on that. The fallout of that is that client displays an invalid nonce error like this: F5 Support believes this is a bug in the iOS, I guess that wouldn’t be the first time! Has anyone come across this issue using the APM as an IdP for Office 365 as the SP and iPhone clients? Thanks for any suggestions you have. Cheers, MikeMobile Malware Milestone
Did you celebrate or castigate? You might not know but last week was the 10 year birthday of Cabir, the first mobile malware. It spread through Bluetooth after infecting the Nokia Series 60 phones running Symbian. Also last week, Kindsight Security Labs (Alcatel-Lucent) released the results of a study (pdf) that found more than 11.6 million mobile devices are infected by mobile malware at any given time and that mobile infections increased 20% globally in 2013. This, obviously, increases risk for stolen personal and financial information, can lead to bill shock resulting from hijacked data usage, or extortion to regain control of the device along with allowing bad guys to remotely track location, download contact lists, intercept/send messages, record conversations and best of all, take pictures. About 60% of all mobile infections involved Android devices that downloaded malicious software from the Google Play store and 40% were Android phones that received malicious code while tethered to a Windows laptop. Both Blackberry and iPhone combined to represent less than 1% of all infected devices. 4G LTE devices are the most likely to be infected and the number of mobile malware samples grew 20X in 2013. This will only get worse as new strains are released, like the proof of concept code that is capable of tracking your taps and swipes as you use a smartphone. That's right, monitor touch events. Say a phone has not been touched in a while and suddenly there is 4 touch events. Well, that's probably a PIN, according to Forbes contributor Tamlin Magee. Add to that a screenshot, now you can overlay the touches with the screenshot and know exactly what is being entered. You know it and I know it: The more we become one with our mobile devices, the more they become targets. It holds our most precious secrets which can be very valuable to some. We need to use care when operating such a device since, in many ways, our lives depend on it. And it is usually around this point in the article that I chastise mobile users for careless behavior but in this instance, there are certainly times where there is nothing you can do. You can be paranoid, careful and only visit the branded app stores yet the risk is still present. Ten years in and we're just getting started. ps Related: Mobile malware is ten years old today Alcatel-Lucent reports 2013 surge in mobile network infections affects 11.6 million devices How People Really Use Mobile Terrifying new smartphone malware tracks your swipes to steal your PIN Trustwave Demonstrates Malware That Logs Touchscreen Swipes To Record Your PIN Kindsight Security Labs Malware Report – Q4 2013 (pdf) Mobile Threats Rise 261% in Perspective The Million Mobile Malware March 2014: The year of mobile…or not? What is mobile malware? Mobile ad networks muddy the answer Technorati Tags: malware,mobile,smartphone,andriod,iphone,security,privacy,identity theft,silva,f5 Connect with Peter: Connect with F5:
Certificate based SSO from an iPhone for Exchange with APM
I need some help getting started. Here is my problem. When users Active Directory passwords expire, their accounts will often get locked out because their iPhone continues to access the account with the old password. I'd like to start deploying certs to my corporate iPhone users with our Boxtone MDM solution. Then I think I can use APM to authenticate the iPhone to AD and Exchange 2010 with the cert. Does thin make sense? Is there a writeup on how to build this?Invasion of Privacy - Mobile App Infographic Style
Couple blogs/weeks ago, I posted What’s in Your Smartphone? covering the recent Nielsen report, State of the Appnation – A Year of Change and Growth in U.S. Smartphones. According to the study, 70% (last year) and 73% (this year) expressed concern over personal data collection and 55% were cautious about sharing location info via smartphone apps so, obviously, it is important that users are aware of the risks they face when downloading and using apps. So it is perfect timing that I came across Veracode’s infographic showing real world cases to outline the threat to user privacy posed by mobile apps. Infographic by Veracode Application Security Fascinating and scary at the same time. ps References: How Mobile Apps are Invading Your Privacy Infographic Infographic: How Mobile Apps Invade Your Privacy State of the Appnation – A Year of Change and Growth in U.S. Smartphones Nielsen: 1 in 2 own a smartphone, average 41 apps Freedom vs. Control BYOD–The Hottest Trend or Just the Hottest Term Hey You, Get Off-ah My Cloud! Evolving (or not) with Our Devices The New Wallet: Is it Dumb to Carry a Smartphone? BYOD Is Driving IT ‘Crazy,’ Gartner Says Consumerization trend driving IT shops 'crazy,' Gartner analyst says
