security
51 TopicsDevCentral ICYMI - September 2024
DevCentral publishes new content constantly, and it’s easy to miss the latest from F5’s technical user community with all that turnover. So here’s a monthly round-up of DevCentral news, content, and events—in case you missed it! New and Notable Share Your Expertise at F5 AppWorld 2025! CFP is now open. F5 and NetApp partnership for Large Language Model AI deployments - F5 and NetApp have teamed up to improve enterprise AI capabilities by using F5’s secure multicloud networking solutions with NetApp’s data management tools. Experience the power of F5 NGINX One with feature demos - Introducing F5 NGINX One, a powerful solution designed to significantly enhance business operations with its high-performance data plane and user-friendly SaaS-based console, offering robust traffic management and critical monitoring features. Content Round-Up AI/LLM F5 BIG-IP and NetApp StorageGRID - Providing Fast and Scalable S3 API for AI apps - F5 BIG-IP's advanced load balancing improves HTTPS server performance. It ensures high availability and optimal storage node utilization when used with NetApp's StorageGRID S3 compatible object storage. How to Prepare Your Network Infrastructure to Add HPC Clusters for AI to Your Data Center - HPC AI cluster integration in enterprise data centers brings challenges, such as network segmentation, security, and high costs. Learn how to overcome these challenges. F5 Distributed Cloud: How I Did it - Migrating Applications to Nutanix NC2 with F5 Distributed Cloud Secure Multicloud Networking - Enterprises struggle to scale and migrate applications while maintaining consistent security and user experience. F5 Distributed Cloud Services (XC) simplifies extending and migrating applications from on-premises environments to Nutanix NC2 clusters, backed by Nutanix's comprehensive hyper-converged infrastructure. Security Insights What is Web Cache Exploitation? - Explore insights from a recent BlackHat/DefCon 2024 presentation on Web Cache Exploitation, which reveals how discrepancies in HTTP server and proxy behaviors can lead to vulnerabilities like Web Cache Poisoning and Web Cache Deception. (HTTP) Redirection via Arbitrary Host Header - In this article, we delve into the importance of the Host header in web requests, its role in enabling multiple-domain hosting, and the potential security risks associated with improper handling. How to Identify and Manage Scrapers (Pt. 1) and How to Identify and Manage Scrapers (Pt. 2) - Here are different ways to find and manage web scraping activities. This includes: scrapers that identify themselves, identifying using IP address, more advanced techniques for finding scrapers that don't identify themselves. We will also talk about the challenges caused by pretending to be someone else and the increase in scraping done by AI. Exploring the Zero Trust Models of AWS, Microsoft, and Google - In response to distributed workforces and advanced cyber threats, the Zero Trust Model enforces strict identity verification, granular access control, and continuous monitoring for users, devices, and resources. Major cloud providers like AWS, Microsoft, and Google have their own versions. Scanning for CVE-2017-9841 Drops Precipitously - The July 2024 Sensor Intelligence Series reports a significant drop in scanning activities for vulnerabilities CVE-2017-9841 and CVE-2023-1389, despite their previous high levels. This highlights the importance of ongoing cybersecurity vigilance. Scuba Gear from CISA, ROBLOX Malware Campaign, and RUST backdoo-rs This Week in Security Leaks & breaches, memory-safe C++, cryptominers and bridging the air-gap This Week in Security GC Document AI Transitive Access Abuse, make-me-root holes in VMWare fixed and more - This Week in Security BIG-IP Next: How to secure egress with F5 Service Proxy for Kubernetes (Japanese language version: 次世代のBIG-IP SPKとK8s コンテナの外部アクセス制御) - Securing Kubernetes egress traffic can be challenging. F5's Service Proxy for Kubernetes (SPK) offers a solution. It dynamically manages egress through its Calico egress gateway. This allows for central control, consistent network policies, and source NAT translation. BIG-IP Next Installation Guides - These resources will walk you through the initial steps of getting Central Manager and instances installed on the various platforms for labs and production. F5 Distributed Cloud: How I Did it - Migrating Applications to Nutanix NC2 with F5 Distributed Cloud Secure Multicloud Networking -Enterprises face challenges with scaling and migrating applications. F5 Distributed Cloud Services (XC) helps by enabling seamless application extension and migration, as shown with Nutanix NC2 clusters. Architecture Options for Kubernetes Service Discovery in Distributed Cloud - F5 Distributed Cloud (XC) Virtual Edition Customer Edge increases service discovery in Kubernetes clusters, allowing easy connectivity in dynamic microservices environments. Cascading Configs Tool for F5 Distributed Cloud Managed Service Provider (MSP) and Delegated Access Customers - The new XC-Cascading-Configs tool simplifies configuration management for F5 Distributed Cloud customers. It allows efficient push and maintenance of shared configurations across multiple tenants. NGINX: Deploying F5 NGINX Plus Graviton-powered Containers as AWS ECS Fargate Tasks - Amazon's Graviton4 chip offers great price-performance for cloud architects. NGINX Plus works with ARM64, ECS, and ECS Fargate. It's easy to set up, use, and scale within AWS. Announcing F5 NGINX Gateway Fabric 1.4.0 with IPv6 and TLS Passthrough - NGINX Gateway Fabric 1.4.0 features IPv6 support, TLS passthrough, server zone metrics, custom pod annotations, and improved testing automation. It ensures stability and performance for Kubernetes clusters. BIG-IP: F5 BIG-IP deployment with Red Hat OpenShift - keeping client IP addresses and egress flows - OpenShift 4.14's AdminPolicyBasedExternalRoute improves control of egress traffic by utilizing F5 BIG-IP as the default gateway for certain namespaces. This feature ensures client IP preservation and integrates security functions. BIG-IP VE in Red Hat OpenShift Virtualization - Running BIG-IP VE in Red Hat OpenShift Virtualization connects virtual machines and Kubernetes. This simplifies management and operations by using OpenShift's KubeVirt and QEMU+KVM Linux virtualization layers. VMware to Red Hat OpenShift Virtualization Migration - Seamlessly migrate workloads and BIG-IP Virtual Editions from VMware to OpenShift Virtualization. Our comprehensive guide will streamline your transition and unify your application infrastructure. F5 Cloud Failover Extension (CFE), private endpoints, and custom DNS - Using the F5 Cloud Failover Extension (CFE) for API-based failover in public cloud environments can cause issues with API calls being blocked. This is due to custom DNS settings and private endpoints. To resolve this, configure DNS settings to properly resolve private IP addresses.18Views2likes0CommentsHow to listen to the DevCentral Podcasts
Announcing the DevCentral Podcasts! DevCentral Podcasts After about 100 video live streams, we are now offering the DevCentral Connects live stream as an audio podcast. This can be found on all the main podcast platforms. Additional podcasts can be found under the DevCentral channel as well. F5's Office of the CTO shares "WebAssembly Unleashed," a podcast for architects, practitioners, technologists, and general Wasm enthusiasts. Watch the feed and join the hosts to dig into all things Wasm! DevCentral Connects on Apple Podcasts DevCentral Connects on Spotify To accommodate this format, I'll ensure that if there is ever any video content, it will be narrated such that the audio experience isn't missing out. Heavily technical content requiring following screen actions such asJRahm's Live Coding Sessions will be done in its own format, still via live stream video. These shows pop-up whenever Jason has an idea brewing in his mind so I suggest you subscribe to DevCentral on YouTube, LinkedIn, Twitter or Facebook to get notified when he does go live. Hint: Join the DevCentral Connects Group hub to get advance notice of events like these! This Month In Security Podcast Be sure to check out AubreyKingF5on his Security collaboration podcast which is also available on all major platforms. This collaboration with F5 SIRT and F5 Labs is a must see listen if you want dive deeper into security! This Month in Security on Apple Podcasts2.8KViews4likes1CommentDevCentral Visits: AWS re:invent 2023
Buu Lam is down in Las Vegas this week for AWS re:invent!Keep up with his adventures in this thread and make sure to subscribe to theDevCentral Youtubechannelto get the latest updates. Go giveBuu Lama follow on LinkedIn while you're at it!262Views1like0CommentsDevCentral Visits SecTor 2023
@buulammade his debut at SecTor 2023 in Toronto this year and Rebecca_Moloneytagged along to learn a thing or two! Here are some highlights from the trip. Make sure to subscribe to theDevCentral Youtubechannel,and followDevCentralandBuu Lamto get the latest updates. Click here for the full SecTor 2023 playlist.228Views0likes0CommentsDevCentral Visits GovWare 2023
@buulamreturned to GovWarein Singapore this year! Here are some highlights from his trip and the conversations from this essential IT security event. Make sure to subscribe to theDevCentral Youtubechannel,and followDevCentralandBuu Lamto get the latest updates. Click here for the full GovWare 2023 playlist. Global Cybersecurity Trends Buu tries Kaya Toast and chats with Chin Lim A Deep Dive into Zero Trust751Views0likes0CommentsGITEX Global 2023 in Dubai - DevCentral Visits
@buulamis fresh from GITEX Global in Dubai! Here are some highlights from his trip and the connections he made at this massive IT conference. Make sure to subscribe to theDevCentral Youtubechannel,and followDevCentralandBuu Lamto get the latest updates. DevCentral Visits GITEX Global 2023 in Dubai! Zakeer Zubair on Navigating Changes in F5 and Dubai Over 16 Years Role Reversal! Zakeer Zubair Dives into Buu Lam's Journey Grant Taylor talks about Exclusive Networks and the Middle East region DevCentral Visits GITEX Global 2023 in Dubai! Buu arrives at GITEX Global 2023 in Dubai! This massive security conference (more than 200,000 attendees) has a lot of cool things to explore. Zakeer Zubair on Navigating Changes in F5 and Dubai Over 16 Years Zakeer Zubair, the Senior Manager for Solutions Engineering at Gulf & Levant, has seen significant changes in F5 and Dubai over 16 years. He discussed how market needs align well with F5's portfolio of application and API delivery and protection. He also highlighted the value of the university intern program. Role Reversal! Zakeer Zubair Dives into Buu Lam's Journey Role reversal! Zakeer Zubair interviewed Buu Lam about his journey to becoming a DevCentral Community Evangelist and the importance of sharing educational content. Buu also shares his impressions of Dubai as a first-time visitor! Grant Taylor talks about Exclusive Networks and the Middle East region Grant Taylor, General Manager of Exclusive Networks in the Middle East, oversees the largest distributor in the region. With professional services, specialized partner sales teams, the company is leading the digital transformation taking place in the Middle East.365Views0likes0Commentsit-sa Expo & Congress in Germany - DevCentral Visits
buulamis heading to it-sa Expo & Congress 2023 inNuremberg, Germany! Make sure to subscribe to the DevCentral Youtubechannel,and follow DevCentral and Buu Lam to get the latest updates from across the pond. And we'll be sure to update thispost,too. DevCentral Visitsit-sa Expo and Congress Secure Multi-Cloud Networking with Markus Hennig WebAssembly Support added to F5 NGINX Unit Using F5 for SSLO with the German Pension Fund Westcon to the rescue Daniel Wolf on what it means to be a leader in the community DevCentral Visitsit-sa Expo and Congress Buu Lam says hallo from Nuremberg as he heads to it-sa Expo and Congress, one of the biggest security conferences in Europe. F5 can be found at the Weston, Computacentre, and Magellan booths. Stay tuned for more from it-sa, including Markus Hennig's talk, a live hacking demo, and more. Secure Multi-Cloud Networking with Markus Hennig Markus Hennig, F5 Distributed Cloud Services Specialist, talks secure multi-cloud networking at it-sa Expo and Congress 2023. IT security needs are global at a high level--everyone needs automation and flexible deployment options. Markus shares additional regional insights on local security adoption and prioritization. WebAssembly Support added to F5 NGINX Unit Timo Stark, Principal Technical Product Manager at F5 NGINX (and Docker Captain) talks about the new WebAssembly support added to NGINX Unit. Using F5 for SSLO with the German Pension Fund Alexander Müehleck and Oliver Tönnies from the German Pension Fund Network Infrastructure and Security Gateway team talk about their long-term experiences with F5. Most recently, they implemented an SSLO solution across multiple sites that provides outbound security services for their 60,000 users. One big benefit: flexibility--being able to switch seamlessly back and forth between their data centers enables them to do maintenance easily. Westcon to the rescue Buu Lam interviews Robert Jung (Westcon Managing Director for DACH and Eastern Europe region) about how Westcon enables F5 partners to get more value out of their products via training, go-to-market strategies, financing, and more. Robert also shares insights on what he sees in the security business regionally. Daniel Wolf on what it means to be a leader in the community Daniel_Wolf, Security Solutions Engineer at Controlware GmbH, is well-known in the DevCentral Community! Buu Lam meets up with Daniel IRL and gets the story behind his motivations to become DevCentral MVP.1.3KViews4likes0CommentsRemember your first stack?
Do you remember your first stack? Maybe you got lucky and had a chance to build your first stack from the ground up, with ample time and resources. Your stack was flexible, efficient, and modern, with everything you need, and nothing you don’t. Maybe you inherited a stack that was built when your company’s business was really different…and managing security and updates takes enough time and resources that you never quite got around to upgrading the system to meet current business needs. Maybe your first stack showed just how many people had been involved in its development over the years, with idiosyncratic workarounds to allow integration of older and more modern tech. As you’ve moved from role to role, you’ve probablynoticed that every stack is different, featuring a unique combination of elements that reflect the current and historical needs of the business…and a unique set of app and API security and delivery needs to match. At F5, we’ve noticed that, too - That’s whywe’ve worked hard to build a set of security and delivery solutions that can work on any architecture. That’s also why we created the Frankenstacks—these colorful stacks are meant to bring to life the unique architectures our customers have built and to represent the creative solutions those architectures include. So, go ahead Choose a new Frankenstack avatar. (You can even pick one that reps your real-life stack.) Tell us what you remember about your first stack. And remember that whatever you’ve built, we secure that.542Views2likes0Comments