Q/A with itacs GmbH's Kai Wilke - DevCentral's Featured Member for February
Kai Wilke is a Principal Consultant for IT Security at itacs GmbH – a German consulting company located in Berlin City specializing in Microsoft security solutions, SharePoint deployments, and customizations as well as classical IT Consulting. He is also a 2017 DevCentral MVP and DevCentral’s Featured Member for February! For almost 20 years in IT, he’s constantly explored the evens and odds of various technologies, including different operating systems, SSO and authentication services, RBAC models, PKI and cryptography components, HTTP-based services, proxy servers, firewalls, and core networking components. His focus in these areas has always been security related and included the design, implementation and review of secure and high availability/high performance datacenters. DevCentral got a chance to talk with Kai about his work, life and mastery of iRules. DevCentral: You’ve been a very active contributor to the DevCentral community and wondered what keeps you involved? Kai: Working with online communities has always been an important thing for me and it began long time ago within the good old Usenet and the predecessor of the Darknet. Before joining the F5 community, I was also once an honored member of the Microsoft Online Community and was five times awarded as a Microsoft MVP for Enterprise Security and Microsoft-related firewall/proxy server technologies. My opinion is that if you want to become an expert for a certain technology or product, you should not just learn THE-ONE straight-forward method fetched from manuals, guides or even exams. Instead, you have to dive deeply into all of those edge scenarios and learn all the uncountable ways to mess the things up. And dealing with questions and problems of other peers is probably the best catalyst to gain that kind of experience. Besides of that, the quality of the DevCentral content and the knowledge of other community members are absolutely astonishing. It makes simply a lot of fun for me to work within the DevCentral community and to learn every day a little bit more… DC: Tell us a little about the areas of BIG-IP expertise you have. KW: Over the years, I successfully implemented BIG-IP LTM, APM, ASM, and DNS Service deployments for our customers. Technologically, I internalized TMOS and its architecture very well and I pretty much learned how to write simple but also somewhat complex iRules to control the delivery of arbitrary data on their way from A to B in any possible fashion. DC: You are a Principal Consultant for IT Security at itacs GmbH - a German consulting company. Can you describe your typical workday? KW: Because of my history with Microsoft related infrastructures, my current workload is pretty versatile. Many of my current projects are still settled in the Microsoft / Windows system environment and are covering the design and review of security related areas. Right now, I’m working with several DAX companies and also LaaS, PaaS and SaaS service providers to analyze their Active Directory and System Management infrastructures and to design and implement a very unique, fundamental and comprehensive security concept to counter those dreaded PtH (Pass-the-Hash) and APT (Advance Persistent Threat) attacks we are facing these days. Over the last years, my F5 customer base has periodically grown so I would say my work is a 50:50 mix right now. I do F5 workshops, designs, implementations, second and third level support as well as configuration reviews and optimization of existing environments. I work with some big web 2.0 customers that have the demand to pretty much exhaust all the capabilities of an F5. This challenges me as a network architect and as an ADC developer. I realize every day that working with F5 products makes so much more fun than any Microsoft product I have ever dealt with. So in the future, I will even more put my focus on F5! DC: Describe one of your biggest BIG-IP challenges and how DevCentral helped in that situation. KW: In my opinion, the F5 products themselves are not that challenging – but sometimes the underlying technologies and the detailed project requirements are. But as long as those requirements can be drawn and explained on a sheet of paper, I am somewhat confident that the BIG-IP platform is able to support the requirements – thanks to the F5 developers who have created a platform which is not purely scenario driven but rather supports a comprehensive list of RFC standards which can be combined as needed. For an example, one of my largest customers operates an affiliate resource tracking system with three billion web requests per day with a pretty much aggressive session setup rate during peak hours. I have designed and implemented their BIG-IP LTM platform to offload SSL-encryption and the TCP-connection handling to various backend systems using well selected and performance optimized settings. Other scenarios require slightly more complex content switching, the selective use of pre-authentication and/or combination with IDS/IPS systems. To support those requirements, I developed a very granular and scalable iRule administration framework which is able to simplify the configuration by using rather easy-to-use iRule configuration files (operated by non TCL developers) which will then trigger the much more complex iRule code (written and tested by TCL developers) as needed. The latest version of my iRule administration framework (which is currently under testing/development) will be able to support a couple thousand websites on a single Virtual Server, where each websites can trigger handcrafted TCL code blocks as needed, but without adding linear or even exponential overhead to the system as the regular iRule approaches would do. The core and the configuration files of the latest version are heavily based on TCL procedures to create a very flexible code base and also conditional control structures, but completely without calling any TCL procedures during runtime to boost the performance dramatically. Sounds interesting? Then stay tuned, I am sure I will publish this framework to the CodeShare once it’s stable enough… 😉 DC: Lastly, if you weren’t an IT admin – what would be your dream job? Or better, when you were a kid – what did you want to be when you grew up? KW: I was typing my first assembler code out of a C64 magazine at the age of 10, so I really wanted to be a developer and/or IT admin since then. But besides of my current job, I can also imagine being a racecar driver. I really have petrol in my blood and pretty much enjoy driving on the German Autobahn. As an alternative, I could also imagine being a cook. I really love cooking and enjoy awesome food! DC: Thanks Kai! Just don't fire up that sterno while shifting gears!! Check out all of Kai’s DevCentral contributions and check out their blog websites: ops365.de, flow365.de and brandmysharepoint.de.DevCentral's Featured Member for January - Daniel Wolf
Our Featured Member series is a way for us to show appreciation and highlight active contributors in our community. Communities thrive on interaction and ourFeatured Seriesgives you some insight on some of our most engaged folks. DevCentral Member and newly minted MVPDaniel Wolf is our Featured Member to kick off 2022! Let's catch up with Daniel! DevCentral: First, please explain to the DC community a little about yourself, what you do and why it is important. Daniel: I’m an enthusiast. When I was younger, I was a passionate handball player. Later I also became a passionate handball coach for children. Recently I became an avid cook. Almost ten years ago I moved to the Balkans, to the city of Skopje. I fell in love with the region, the people, and the Balkan way of life. I even found my wife there. Almost three years ago my family and I moved back to my hometown, a small city close to Frankfurt in Germany. And I have always been a tech enthusiast. DevCentral: You’ve continued to be an active contributor in the DevCentral community.What keeps you involved? Daniel: I find it interesting to read what challenges others from the community are facing. In case I know an answer to their question, I will reply. In case I don’t know the answer, but I think I can figure it out with a reasonable effort, I will try to. It helps me to broaden my knowledge but even more important to share the answers with others. DevCentral: Tell us a little about the technical expertise you have. Daniel: First time I touched a computer was an Intel 286 with DOS 5.0. After a couple of weeks, I deleted a couple of seemingly useless file to install Monkey Island. Since then, I became pretty good at solving computer problems. Nowadays they are called projects and the problems are often much more complex. The last technology I was responsible before I decided to become an F5 consultant was Microsoft SharePoint and other .NET web apps. Roughly 7 years ago, there was a project to protect an online banking application with a WAF. So, unlike many other F5 specialists, I am not a network specialist but a web server dude. DevCentral: You are a Senior Network Professional at Controlware GmbH. Can you describe your typical workday, how you manage work/life balance and the strong support of F5 solutions? How has the pandemic impacted your work? Daniel: I appreciate that there is not a typical workday. I enjoy a challenging mix between projects, presales activities and occasional L3 support. Most fun for me are projects where I can help my customers to protect their apps and APIs. In the past two years we also had a lot of projects building, improving, or scaling out identity-aware access solutions. So, on a typical day, I’d say I am still solving computer problems. The pandemic has improved my work/life balance, I don’t have to drive to the office anymore and I can have a walk in the field during lunchtime or enjoy a coffee with my wife (she’s also working from home). DevCentral: Do you have any F5 Certifications? If so, why are these important to you and how have they helped with your career? Daniel: I have the 401 since last year. The 401 was a very good exam, passing it required an understanding of many F5 solutions but also of broader security concepts. My employer is promoting to get certified and allowed me to prepare during working hours. DevCentral: Describe one of your biggest Customer challenges and how the community helped in that situation. Daniel:I’d say that this is one of my current projects. We are migrating from an end-of-life proxy platform to BIG-IP and we are building a lot of the content switching and rewrite features with iRules. Devcentral is a goldmine if you are looking for iRule documentation and code snippets. DevCentral: Lastly, if you weren’t doing what you’re doing – what would be your dream career? Like, when you were a kid – what did you want to be when you grew up? Daniel: I always wanted to be some sort of IT guy. I think I am fine where I am now, I enjoy my work. If I was granted a wish, carpenter would be an alternative. I like the idea that, at the end of each day, you can see what you have built with your own hands. The things I build, they are meaningful as long as there is a browser available. ---Thanks Dan!We really appreciate your willingness to share with the DevCentral Community. Stay connected with Daniel and Controlware on social media: Controlware GmbH on LinkedIn Daniel on LinkedIn Controlware GmbH on the WebDevCentral's Featured Member for November - Austin Geraci
Our Featured Member series is a way for us to show appreciation and highlight active contributors in our community. Communities thrive on interaction and ourFeatured Seriesgives you some insight on some of our most active folks. You might remember him from theDC Connects A Certification Journey Episode, DevCentral memberAustin Geraciis our Featured Member for November 2020! Let's learn more about Austin! DevCentral: Please explain to the DevCentral Community a little about yourself, what you do and why it is important. Austin: Hi folks – I’m Austin Geraci, CTO at WorldTech IT which is an F5 Gold & GUARDIAN (at the highest level) partner company. I’m proud to say we’re the leading provider of third-party professionalservices for F5 solutions – including NGINX and SHAPE Security. We’re the only companyto exclusively focus on F5 products the way we do. Though we also specialize in some complementary products like Ansible and Terraform, it’s all around F5. We are not your typical VAR, though we sell a ton of F5, we lead with our engineering expertise. DevCentral: You’ve continued to be an active contributor in the DevCentral community over the years. What keeps you involved? Austin: The community F5 has built, and of course the technology. These days I don’t have nearly as much time to participate publicly, but F5 has been very gracious to give me the opportunityto help out behind the scenes – and I’ve been very happy to. F5 has afforded me some great opportunities in life, and I try to give back whenever I can. Believing in the technology has been easy, F5 is always one step ahead, offering the best of the best around application delivery, security, and authentication. I was super pleased to see the acquisitions of NGINX and SHAPE – two technologies I’ve been a big believer in. DevCentral: Tell us a little about the technical expertise you have. Austin: I was lucky enough to be exposed to computers at a very young age. When I was 10 years old my father bought a 486 dx2 66 from Gateway for his real estate business, and the rest is history. I started to learn Borland’s C++ and BASIC, but information was a lot harder to come by back then, so it was manuals and the library until I discovered Bulletin Board Systems (BBS) about a year or so after. That opened up a whole new world, and shortly after the Internet and IRC followed (which introduced me to my first taste of operating systems outside of DOS). As I got older, I gravitated more towards the network side and web applications. My F5 journey started off with LTM & GTM,andAFM /APM/ASM following soon after. DevCentral: You are the CTO at WorldTech IT . Can you describe your typical workday, how you manage work/life balance and the strong support of F5 solutions? How has the recent pandemic impacted your work? Austin: My wife is a saint 😉 Work-life balance is tough sometimes because I’m so dedicated to the cause, but I try to be good about “turning it off” when its time, tomorrow is another day. I’ve also been blessed (and cursed) with being a “super sleeper” — I typically only need 3-5 hours of sleep to feel 100%. I get a lot of my heads-down work complete in the morning before the emails, meetings, and calls start flying in. Above all, I couldn’t do anything I do without the great team working alongside me. Without all the rock stars we work with I would be hard-pressed to be where I am. Speaking of which... if you’re an F5 rock star and dream of only working with F5 solutions all day, every day, with a company that is focused on engineering – hit me up, as I also run our recruiting efforts, and we arehiring!! Though we sell a ton of F5 products, we’re not “salesy” or a sales-focused organization, which allows us to always do the right thing for our customers and engineers. We’re focused on career development and constantly advancing our internal knowledge base – also the bennies are great. As far as the Pandemic – Fortunately, we’ve been “ok” overall, I think that’s largely due to the fact thatWorldTech ITwaspoised for some massive growth this year, so we’ve been able to maintain and grow – albeit at a slower pace. We have an office in Austin TX, and I really enjoyed going into the office – it provided a good “on/off” switch, so working from home took some adjusting. Luckily, I have an awesome wife and a couple of really cute Shiba-Inus. 😉 DevCentral: Do you have any F5 Certifications? If so, why are these important to you and how have they helped with your career? Austin: I currently have the 402 F5-CSE, Cloud certification valid – certs have been a big part of my F5 and personal growth. Certs force you to fill the knowledge gaps you have, I learned that when I originally passed CCNA as a 20-nothing year old Austin. I’m a big believer in the new F5 cert program, Ken has done some great work taking the program to the next level (including test integrity). As a 40-year-old Austin who’s not pushing the buttons anymore... my focus is moreon our roadmap, and customer / partner relationships. DevCentral: Describe one of your biggest customer challenges and how the community helped in that situation. (Does not necessarily have to be DevCentral) Austin: I can’t think of any singlechallenge in particular, butin general the community has helped me approach technical problems from different angles. All our brains work differently,andthe way we formulate solutions is largely shaped by our past experiences. Taking the time to look at how others approach problems has most definitely expanded my perception and the way I approach problems. DevCentral: Lastly, if you weren’t doing what you’re doing – what would be your dream career? Or better, when you were a kid – what did you want to be when you grew up? Austin: Musician for sure, I grew up singing and playing guitar. I still play and have hopes of getting a hit song out there before I get too old and tired 😉 ---Thanks Austin!We really appreciate your willingness to share with the DC Community. To stay connected with Austin on other social media channels: LinkedIn for Austin Twitter for Austin WorldTech IT on LinkedIn WorldTech IT on TwitterDevCentral's Featured Member for January - Claudio Junior
Our Featured Member series is a way for us to show appreciation and highlight active contributors in our community. Communities thrive on interaction and ourFeatured Series gives you some insight on some of our most engaged folks. First time DevCentral MVP Claudio Junior is our Featured Member for January to kick off 2021! Let's learn more about Claudio! DevCentral: Please share a little about yourself, what you do and why it is important. Claudio: I started working in IT in the late 1990's as a Clipper and Cobol developer in a XT/286 PC with its green screen charming monitor and its incredible kilobytes of available memory. Since then, I have been evolving in programming languages as a benefit to my job. In 2013, I was challenged for the company to learn BIG-IP as they were forming a team to F5 products. I was curious about it and so I accepted the challenge. In that time, I had no idea that F5 products would be a game changer for my career. Personally, I consider myself a simple guy contained in 1.66m tall. I believe that my importance to the people around, is that they can count on me to help in their daily. DevCentral: You’ve continued to be an active contributor in the DevCentral community.What keeps you involved? Claudio: In the beginning, most of my knowledge was acquired from DevCentral. Indeed, I learned with questions and articles from the other members. It was certainly useful to me. If I was facing trouble, I could ask for help or find similar cases and then take shortcuts to a solution or at least help me to think out if my mind. In this way in my free time, I usually browse the forum to read the news and sometimes look at the oldest questions with no activity. I think the no activity questions may hide a new challenge for me and maybe someone is still waiting for help. DevCentral: Tell us a little about the technical expertise you have. Claudio: As I started working as a System Developer. The logic was, my base to learn almost all about infrastructure and security layers, so F5 products felt like a glove to me. I really like command lines and these long years, I’ve helped on project designs and BIG-IP modules implementation or support for customers, including BIG-IQ and F5 Silverline. I still love when there is an iRule to write and implement. DevCentral: You are a F5 Specialist at Compugraf. Can you describe your typical workday, how you manage work/life balance? How has the recent pandemic impacted your work? Claudio: Currently, I'm a F5 Specialist acting more as solution architect, working in the background and waiting for demand where I can act with my knowledge base to help my co-workers. In the meantime, I can improve my skills and I have been walking through the cloud architecture, I have been doing automations scripts to our products catalogue and helping the company in the market demands. I consider myself a lucky guy in regarding to the job and the recent pandemic situation. Thank God I can work at home so it can keep me away from the virus for somehow. Moreover, I can enjoy my family more, as we spend all day together at home. DevCentral: Do you have any F5 Certifications? If so, why are these important to you and how have they helped with your career? Claudio: Yes, I do. But they all just expired this year. Some certifications are extremely important because they are prerequisites to keep our F5 partnership. Especially at the beginning of my career, these certifications guaranteed me the recognition of the effort on the challenge in becoming a F5 specialist. Also, to me, it is a way to know that you are up to date. DevCentral: Describe one of your biggest Customer challenges and how the Community helped in that situation. Claudio: Certainly, my biggest challenge was my first project ever. I should dedicate its success to the ASKF5 portal and F5 partnership channels who supported me that time. Almost 8 years ago, wow! That time, I was working alone at the most critical customer and I was fully supported by online training and deployment guides or SOL's available. DevCentral: Lastly, if you weren’t doing what you’re doing – what would be your dream career? Or better, when you were a kid – what did you want to be when you grew up? Claudio: I believe I never really had a dream career, but I certainly dreamed of doing many things. When I was kid, I planned to build robots and planes. I used to take apart all toys and electronics to make my own Frankenstein. Later, as a teenager, I wished to be a rock star. Nowadays, I'm afraid of heights and flying but I still love playing my instruments and take apart of electronic circuits. So, I probably would be a Brazilian Gyro Gearloose or why not, to be the guitar god Ritchie Blackmore! ---Thanks Claudio!We really appreciate your willingness to share with the DevCentral Community. To stay connected with Claudio on other social media channels: Claudio on LinkedIn Compugraf on LinkedIn Compugraf IT on TwitterDevCentral's Featured Member for December - Kevin Davies
When we prepare for our Featured Member series, I typically send out a questionnaire and the DevCentral member writes out their answers. With the opening question I'll do a bit of editing and use that for the intro. This month however, airloom's Kevin Davies did such a great job with the opening, I decided to simply let him tell his story. A long-time DevCentral member and always engaged with the community, Kevin Davies is DevCentral's Featured Member to close out 2017. Congrats Kevin! DevCentral: First, please explain to the DevCentral community a little about yourself, what you do and why it’s important. Kevin: I suppose my interest in technology came from a desire to know how things work. My first job in computers was doing exactly that, building them at a small computer store in Brisbane. I have always been technical, being the pioneer in my family I immediately saw the potential they would bring and how it might shape the world… I remember a quiet night alone in the office struggling to understand SCO Unix, as I’d come from a MS-DOS background. Yet I persisted, and using the SLIP protocol with static IP addressing, I successfully connected our business to the University, so we could receive email. This was back when Universities were connected globally and world wide web as we know it today, did not exist… yet. My next role was to join an ISP as a help desk guy. Always in search of more knowledge, I figured the quickest way to get it was to immerse myself. Dealing with 10,000 users you rapidly discover the problems people are faced with as they try to get a handle on these things called modems! It was a great experience, and I attained my CCNA certification there. By the time I left three and a half years later, I was literally running the network. Then I joined Unisys in a security role, to further expand my knowledge of firewalls and the way they operated. This required a deeper understanding of protocols, there were some very interesting problems you would come across. I lived for those moments and always found troubleshooting something I really enjoyed. During this job I transitioned from a Brisbane country town to Sydney the big city. After various contracts and the GFC, I ended up at CSC doing more security, this time Checkpoint firewalls. It was here that I worked with my first BIG-IP. A load balancer, I mean what’s there to learn I thought? You send traffic here, you send traffic there… how little did I know. It wasn’t until I joined Red Education doing professional services that I came to understand the true capability of the device. Where I learned iRules provide customers with tremendous flexibility and iApps, API and automation toolsets make these devices scale and deploy in hybrid environments. Now I work for airloom, the #1 F5 engineering partner in A/NZ, APJ and joint #1 globally providing solutions that no-one else could deliver. My first week at airloom I sat my 401 exams. My second week I was learning a completely new product. The third was sitting down with customers. They have a consistently high level of expertise that is not found elsewhere in Australia. They recruit and maintain the best, to deliver the outcomes customers need. After eight years F5 experience I thought would arrive here at least on par with the guys within the team. I was wrong. DC: You are a very active contributor in the DevCentral community. What keeps you involved? KD: I’ve always enjoyed helping others, it’s part of my DNA being a consultant. It is why I have enjoyed being an instructor as well as doing professional services for the last eight years. I’ve found that giving back to the community that has helped me is my way of saying thank you. From an airloom perspective the team is entirely focused on helping customers being successful so giving is what we do day in and day out. DC:Tell us a little about the areas of BIG-IP expertise you have. KD: I have enjoyed making the BIG-IP do magic for customers. It really is a powerful integration toolset in the right hands. Everyone needs to get traffic from A to B. With one of these the capability to add world class protection at any layer, multiple layers of authentication or even inspection becomes possible. That’s on top of providing high availability and redundancy for any application. Its level of detail and control is quite astonishing. I’ve made stateless applications stateful, one protocol talk to another, the list goes on. My favorite has been iRules, I used to have a motto on the wall when I worked in one place for a few months… “iRules for breakfast, how many do you do?” That stateful piece was all written using iRules and saved the business over a million dollars in project costs whilst delivering projects quicker and with less errors. I have deployed nearly every product, my most recent has been migrating customers from legacy F5 physical appliances into virtualized appliances running vCMP. Instead of just running one BIG-IP they can have eight of them on a mid-range appliance. F5’s zero contention virtualization platform means customers can have the speed and the flexibility to provision BIG-IP’s with N dedicated processing cores. One of my favorite F5 product modules is APM. The visual policy editor is a brilliant tool for building your own custom security policy and provides incredibly flexibility. The authentication point to end all authentication points… SAML, OAUTH, OTP, AD, Radius, Tacacs, DIY. You can roll your own N factor auth with built-in/external MFA and have all of it layered using SSO. It really is the authentication cornerstone of the products and is a joy to work with. DC: You are a Distinguished Engineer at airloom. Can you describe your typical workday and how you manage work/life balance? KD: On Monday’s I prepare for the weekly briefing, check outcomes from the previous week and start planning the day. Then tee myself up a list of things to do, including client meetings and begin preparation for them. These continue till the end of the day. I might be in the office one day, working remotely or both. We have no local infra except for a printer and wireless access points, everything we do is in the cloud. This means we are free to work from any location be it at home, office or customer site. The role of an airloom Distinguished Engineer is a pretty awesome one, we report to our CTO Adrian (Nobby) Noblett who was the former F5 Solution Architect for APJ. Our role as DE’s is to help our client’s get the most out of their technology investments, however we are also given the creative license to develop new solutions we believe will help our clients. We have several goals to work towards on a regular basis, and they are not just about projects but also coming up with industry leading solutions no one else is across so we stay ahead of the curve and ensure our clients have access to the best solutions ahead of the entire market. DC: You have a number of F5 Certifications including Technology Specialist (LTM) certifications. Why are these important to you and how have they helped with your career? KD: I am certified in LTM, GTM, ASM, APM. I also just recently attained the Security Solutions Expert. F5 certifications are serious business. They provide assessment and recognition of technical skillset. This is valuable to airloom & valuable to my career and on top of my experience shows that someone is serious about maintaining their knowledge level on a product. I appreciate F5 are diligent about detecting and eradicating shortcuts as this maintains the value of the certification. The blueprints and study guide provided with each exam are highly relevant and far more than many other vendors provide to help professionals prepare themselves. From an airloom perspective it is a requirement that all DE’s are 401 level certified to hold the DE title at airloom, and we actually have the equal most number of 401’s in the world in our team! DC: Describe one of your biggest BIG-IP challenges and how DevCentral helped in that situation. KD: There have been many. The biggest was an iRule solution that a customer refused to implement as a black box solution! The data flow was deemed mission critical so they required on going monitoring. This meant writing another iRule to collect statistics. Then another to display them. The solution itself used about 100 subtables, the statistics around 1000 as it tracked not only the success or failure but all possible execution outcomes, effectively profiling the solution behavior per transaction. This was then output not only as a html web page showing the effectiveness of the solution, but also available in XML format to be polled by a 3 rd party monitoring platform. Their monitoring dashboard had graphs for each transaction type showing its effectiveness over time. It seemed overkill at the time however over three weeks the effectiveness of the solution gradually tapered off from 98% to 0% and by that time we were furiously troubleshooting with F5 support. It turned out about 1 in 200,000 calls to a certain command would return an undocumented outcome. Once known the code was updated, the problem now was the BIG-IP contained hundreds of invalid table entries that never expire. Failing over was not a solution because the HA device maintained an identical copy through session table mirroring. The most effective solution involved a fourth and final iRule to iterate through every permutation and remove the invalid table entries. DC: Lastly, if you weren’t an IT admin – what would be your dream job? Or better, when you were a kid – what did you want to be when you grew up? KD: I think a tour guide. I love talking to people and seeing new things. I could probably travel for ten years and only see half what the world has to offer. Human beings are quite creative people and cultural differences produce an amazing diversity of ideas around the globe. Thanks Kevin! Check out all of Kevin's DevCentral contributions, connect with him on LinkedIn and visit airloom or follow on Twitter.DevCentral’s Featured Member for May – NTT Security’s Leonardo Souza
Leonardo Souza lives in the United Kingdom, with his partner, 5-year-old daughter, and a (very) recently newborn son. He’s Brazilian and lived in Portugal for quite a while. He then moved to UK about 5 years ago ‘because of the amazing weather,’ he jokes. Leonardo started to work with computers when he was 18 years old (he’s not 18 anymore), so he’s worked with many technologies. Fast forward a bit (he’s not that old) and while working as a network engineer, he was working on a project to migrate applications from Alteon load balancers to F5 BIG-IP LTMs. He completed his LTM Essentials and LTM Advanced training during that time (2011) and with the migration project, he was impressed with BIG-IP. He even applied for a job at F5 in 2012 and joined as a Network Support Engineer. That moved him from Portugal to UK, and has been doing F5 products exclusively ever since. With all that, Leonardo is DevCentral’s Featured Member for May and we got a chance to talk with Leonardo about his life, work and scripting prowess. DevCentral: You were an F5er from 2012-15 and continue to be a very active contributor in the DevCentral community. What keeps you involved? Leonardo: I often say that 1 year in F5 support is equal to 5 years as a F5 customer. While in F5 support, I had multiple technical challenges every day, and I would typically go to DevCentral to check iRules documentation and get ideas for uncommon cases. After I left F5, I started using DevCentral to stay up to date about what is going on in the F5 world by reading the DevCentral articles. Then I started to go there daily and answer some questions myself. Short answer: to keep me updated, both about F5 news and my F5 knowledge. DC: Tell us a little about the areas of BIG-IP expertise you have. LS: Is difficult to know all F5 products, because some are for very specific networks/scenarios, but I know the common ones: BIG-IP BIG-IP LTM, GTM/DNS, AFM, APM, ASM, EM, BIG-IQ, and iRules. I had been a little bit lazy about the F5 certifications but recently I have done all level 300 exams. I have started study for the 401, so that should be done in the next couple months. DC: As a Security Consultant at NTT Security, what’s your typical workday? LS: First to clarify, the company recently changed names from NTT Com Security to NTT Security. I work in professional services, doing projects that use F5 products. My daily work includes doing some pre-sales activities advising pre-sales team about the F5 products, doing projects, and finding solutions or writing scripts to automate some F5 tasks. DC: Describe one of your biggest BIG-IP challenges and how DevCentral helped in that situation. LS: I have been using DevCentral for many years, and iRules, to a point where it is part of my daily job. Flexibility is a major advantage for F5 and people ask all the time “Can you do this with an iRule?” Recently, I was working in a project to upgrade many F5 devices. We had to perform an extensive inventory for each device which was taking about 3 days per device. I wrote a Python script using iControl SOAP to perform that task. (I still prefer bash script, but there is no iControl SOAP for bash) It would take around 240 days to do that manually, and we did in around 3 days using the script. DC: Finally, if you weren’t in technology – what would be your dream job? Or better, when you were a kid – what did you want to be when you grew up? LS: I am doing the job I wanted since I was young and I can’t picture myself doing any other type of job. Thanks Leonardo! Check out all Leonardo’s DevCentral contributions or connect with him on LinkedIn. And visit NTT Security on the web or follow on Twitter and LinkedIn.Q/A with Betsson's Patrik Jonsson - DevCentral's Featured Member for April
Patrik Jonsson lives in Stockholm with his wife and son and works as a network engineer for a company providing online casino games across the world. Outside work, he likes to spend time with his family, play around with his home VMware lab and enjoys watching movies. He also loves travelling and having a beer with friends. Patrik is also a 2017 DevCentral MVP and DevCentral’s Featured Member for April! DevCentral got a chance to talk with Patrik about his work, life and his project the BIG-IP Report. DevCentral: You’ve been a very active contributor to the DevCentral community and wondered what keeps you involved? Patrik: One of the best, and fun ways to learn new things is to take on problems, or discussions presented by fellow technicians. It forces you to continuously challenge what you think you know and keeps your knowledge up to date. In addition, when I need input, or help myself, DevCentral has so many brilliant and helpful members ready to take on whatever you throw at them. DC: Tell us a little about the areas of BIG-IP expertise you have. PJ: The first time I ran into a BIG-IP was just after I graduated from university. It was a 1000 series running BIG-IP v4. When I quit that job 6 years later I considered asking to bring it home with me, but somehow my girlfriend at the time was not as keen to the idea. Still don’t know why. 🙂 I’ve been working mostly with BIG-IP LTM and iControl, but recently I’ve started to dabble a bit with APM, GTM/DNS and ASM as well. DC: You are a Network Security Specialist at Betsson. Can you describe your typical workday? PJ: At Betsson you never know what’s going to happen when you step into the office. The gaming industry has very tough competition and getting comfortable as one of the bigger players around is not an option since rivals are always ready to take your place. This, combined with awesome colleagues, makes it a joy to step into the office every morning. DC: Describe one of your biggest BIG-IP challenges and how DevCentral helped in that situation. PJ: Being a multinational company with offices supporting multiple brands, one of the biggest challenges we have is knowledge sharing. Giving the developers the correct information when they need it is vital for an efficient application delivery. In order to provide this, we have used iRules to present troubleshooting information in the form of custom headers so developers can see which pool and member that responded to their request and the current status of all members. We also have a smarter version of the traditional sorry page which shows information about the failed pool and what’s being monitored. And then of course, BIG-IP Report. All of these are using iRules and iControl and would not have been possible without the DevCentral API documentation and of course, my hero Joe Pruitt. DC: What can readers learn from your blog: https://loadbalancing.se/ and what is the BIG-IP Report? PJ: My blog is where I post ideas and projects that I have. There’s a BIG-IP APM + Google Authenticator guide, F5 Web UI augmentation script for version 11 and a few other things. BIG-IP Report was born out of a need to show people the load balancing configuration in a simple manner without giving them access to the BIG-IP interface. After implementing it we have gone from developers asking us where things are, to instead them telling us about bad configuration. We also discovered that it is awesome for us as well, as we can get an overview of the configuration across multiple devices. Finding a specific VIP, or pool is so much easier when the information is in one place. I guess the best way to understand it is to try it at http://loadbalancing.se/bigipreportdemo/ The blog is not updated that often, so it’s safe to subscribe without getting too much spam. DC: Lastly, if you weren’t an IT admin – what would be your dream job? Or better, when you were a kid – what did you want to be when you grew up? PJ: I think my dream would be working with a non-profit organization helping people in need. I love travelling and combining that with something meaningful would be really nice. Thanks Patrik! Check out all of Patrik’s DevCentral contributions, check out his blog, or connect on LinkedIn. And visit Betsson on the web or follow on Twitter.DevCentral's Featured Member for September - Philip Jönsson
Our Featured Member series is a way for us to show appreciation and highlight active contributors in our community. Communities thrive on interaction and ourFeatured Seriesgives you some insight on some of our most active folks. You might remember him from theF5 Certification Study Guides, DevCentral MVP Philip Jönsson is our Featured Member for September 2020! Let's learn more about Philip. DevCentral: First, please explain to the DC community a little about yourself, what you do and why it is important. Philip: I work as a Security consultant where I’m assisting customers with implementing, maintaining, and developing their environments based on a variety of security products with the goal of securing their applications and infrastructure. My main focus is F5, but I also work with other vendors who specialize in VPN and Next-Generation Firewalls. I was first introduced to F5 on the customer side but didn’t get to work with it much. My first real hands-on experience was back in 2013, about a month after being hired at Orange. We had an internal class introducing LTM after which my manager wanted me to write the 101 certification exam. Since then I have been working with F5 both from an operational standpoint and consultancy assignments. On my spare time I like to nerd into different technologies to learn something new or write on our F5 books that I co-write with a fellow DC MVP Steven Iveson. I also enjoy spending time with friends and family, play video-games or my quite newly found interest, vinyl collecting. I’m an Electronic Dance Music (EDM) enthusiast, so my collection is mostly based on that genre. DevCentral: You’ve been active contributor in the DevCentral community over the years.What keeps you involved? Philip: DevCentral is a great tool to develop your own knowledge and get assistance with finding solutions, building iRules and solve bugs. There are truly brilliant minds in this community, and they are extremely keen on helping others. As I have benefited a lot from this community, I want to pay it forward and if I know something that I can share with the community I will gladly do it. DevCentral: Tell us a little about the technical expertise you have. Philip: I started my career in the Network Operations Center working with pretty much every major vendor out there which gave me a wide range of expertise. After a while you stop focusing on the GUI and only on the underlying protocols which all vendors rely on. But my main focus has always been F5 which has given me the opportunity to work with BIG-IP LTM, APM, ASM, DNS, AFM, SWG, SSLO, VIPRION and vCMP. As I have always been more on the NetOps side, I have started my journey of going more towards the DevOps side and learning more about automation and container based environments. DevCentral: You are a Security Specialist with Orange Cyberdefense . Can you describe your typical workday, how you manage work/life balance and the strong support of F5 solutions? How has the recent pandemic impacted your work? Philip: My typical workday involves jumping between multiple customers where I’m sometimes booked for 2-3 days per week for a particular project or 1 day per week where I assist customers in their daily operations. A project could be installing a new vCMP cluster, building/designing a new datacenter or building a new environment in cloud. Balancing life and work are tough at the moment being a father of two small children and the strong wish of continuing to develop books. Since I’m writing only on my spare time. When there just aren’t enough hours on a day you start to remove activities that is beneficial for your health. First, I stopped playing video games then I stopped exercising, and going to the gym and finally cut down on my hours of sleep. When we were developing the 201 book, I had the goal to release it before my daughter was born because I knew my available time would be even less than what I had and I wanted to focus on her. At that time I put my son to sleep at 8PM and then immediately went to work on the book until around 1AM, head to bed and up at 5AM to get ready for work and get my son to preschool. This was my routine every day from November 2017 until 10th of March 2018 when the book was released, one day before my daughter was born. Nowadays I try my best to balance between life and work and as my daughter’s sleep and routines improve, so does my hours of writing. My strong support for F5 originates from that first class I took back in 2013. I enjoyed the product from start, and I saw the capabilities and potential it could have for its customers. The best is to see it in action and showing customers the swiss army knife, they have actually bought. That has not changed, in fact, it has only gotten stronger as I see how F5 as a company adapts to current trends and keep giving value to both new and existing infrastructure. In the beginning the pandemic resulted in doubling in work where I sometimes had to work 70h in one week in order to rapidly expand customers’ VPN capabilities. Now all our work is being done from home and if a customer needs us on-site, they have to request it and it needs to be approved by a manager at Orange. DevCentral: Do you have any F5 Certifications? If so, why are these important to you and how have they helped with your career? Philip: I recently re-certified for the 401 certification and currently need to redo the DNS (GTM) exam. The certifications have helped me expand my knowledge as they are designed to gradually add more knowledge starting from basic networking, to administrating an LTM and finally specializing in each major module and becoming a solution expert. DevCentral: Do you have any more books or study guides coming along soon? Philip: Right now, we are working on updating our old 101 Application Delivery Fundamentals Study Guide because much has happened with that exam since we released it back in 2014. We are doing a complete remake of it, refreshing all its diagrams and expanding the Solutions chapter, covering all F5 modules. We have received feedback from people wanting to have that chapter expanded because as a complete rookie to F5, understanding what each module do and assist with can be quite overwhelming seeing each individual module is to be considered a product by itself. Learning about a new product can be quite tough because sales pitches do not really relate to specific customer scenarios and just contain fancy buzz words whereas technical papers could be too advanced and only focus on one particular subject without customer scenarios in question. We try to combine these two by providing technical explanations of solutions connected to customer scenarios. They should simply explain how it is done on a technical level and how that can be useful to a customer. I hope the reader will enjoy that. For that chapter alone we have added around a 100 pages. Once that is complete, we still have to add quite a lot of topics to align with the new exam, but that process will be much quicker I hope. DevCentral: Describe one of your biggest Customer challenges and how the community helped in that situation. Philip: I worked with a customer that used Secure Web Gateway (SWG) as a transparent forward proxy for their employees. They allowed social media applications like Facebook and Instagram inside their company network but that traffic ran through their transparent proxy. After Facebook updated their app to only support TLS 1.3 the app stopped to work since the BIG-IP did not support that at that time. Theoretically we could simply exclude SSL interception of Facebook addresses inside SWG but if I remember correctly, the cipher mismatch happened before policy evaluation inside SWG so it did not work. I decided to solve it by creating an iRule that checked the TLS version and if it was version 1.3 I would simply forward the traffic to the Original Content Server (OCS) without trying to modify or interfere with the traffic. With a big help from MVP (and F5 Consultant) Stanislas Piron who created an amazing iRule that completely breaks down the SSL Handshake, I managed to create an iRule for the purpose. The iRule looks at both the destination IP address and SNI and if it matches, it disables the HTTP and SSL profiles, evidently degrading the VS to operate on L4 with no intelligence. For easy use, I created data-group lists so the customer could easily add and remove applications as they needed to. What’s funny is that this iRule was used by a different customer to solve the same problem in Bluecoat ProxySG’s that was being load-balanced by F5 LTM’s. Since Bluecoat proxies do not have iRules, they had no solution to that problem at that time which goes to show the type of strength F5 has. DevCentral: Lastly, if you weren’t doing what you’re doing – what would be your dream career? Or better, when you were a kid – what did you want to be when you grew up? Philip: My dream job as a kid was actually to become a pilot but when it was time to choose schools, I had developed a fear of flying. And becoming a pilot that was afraid of flying didn’t seem like a good idea haha. I think that was a result of watching too many episodes of ‘Mayday’. ---Thanks Philip !We really appreciate your willingness to share. To stay connected with Philip on other social media channels: LinkedIn Twitter Orange CyberdefenseDevCentral's Featured Member for July - Kees van den Bos
Our Featured Member series is a way for us to show appreciation and highlight active contributors in our community. Communities thrive on interaction and our Featured Series gives you some insight on some of our most active folks. DevCentral MVP Kees van den Bos is our Featured Member for July 2020! Let's learn more about Kees! DevCentral: First, please explain to the DC community a little about yourself, what you do and why it’s important. Kees: I am a freelance Security Engineer/Consultant working for several different customers in the Netherlands. I started freelancing in 2013 and have been working mostly with F5/BIG-IP. I also became a F5 Partner. This helps me when engaging customers or selling LAB VE and normal licenses (to both individuals or companies). Started my IT career as a network (read windows) administrator and worked my way up to become a more security focused engineer/consultant. In my free time I like to go caving or canyoning. I started caving when I was 14 and over the years I visited caves in France, Austria, Belgium, Spain, Croatia and Greece. In 3 of those caves the bottom was at 1125 Meters, 1270 meters and 1355 meters (and I have been at the bottom). During holiday’s we go canyoning with the family, it is a great outdoor sport for all ages. DevCentral: You are a very active contributor in the DevCentral community.What keeps you involved? Kees: Like in my daily work I like to help people with their “issues”. DevCentral is a great platform to share and help solving issues. I must admit that I was a big fan of the old platform/forum. Now I try to help the DC team by giving my input on what I see/miss within the current platform. But I must admit, it is getting better and better. DevCentral: Tell us a little about the technical expertise you have. Kees: For the last 10 years I have been working with firewall’s, networking (routing and switching), virtualization, proxies (forward and reverse), wireless, remote access, authentication, but as a freelancer mainly on BIG-IP LTM, ASM, APM, GTM/LC, AFM. But the other knowledge helps me in my day to day job. DevCentral: You are the Owner of kees4IP . Can you describe your typical workday, how you manage work/life balance and the strong support of F5 solutions? How has the recent pandemic impacted your work? Kees: My day would normally start with driving to a client, now with Corona it's different. I start the day behind my laptop reading emails or chat conversations. Most of my clients allow me to work from home. Within a week I try to reserve one day where I can work for different customers during the day. (help them with small issues). The other 4 days I work for one or two clients full time. My strong support for F5 solutions was by accident, the second project I work on was a migration from Alteon to BIG-IP and from then on I mostly worked with BIG-IP (with some help of the Benelux F5 sales/tech team). In the evening or weekend I write quotations for new project or licenses/devices and invoices. But it is very important to take time off with the family. So I reserve a minimum of 5 weeks per year for holidays. DevCentral: Do you have any F5 Certifications? If so, why are these important to you and how have they helped with your career? Kees: I am 401 CSE security and certified trainer for LTM, ASM and APM. Being certified helps me in getting new customer contacts, but I think that working posture and customer approach are just as important as certifications. They help me building strong relationships with my customers. Being certified in 401 also helps being a certified trainer. DevCentral: Describe one of your biggest customer challenges and how the DevCentral community helped. It's not my biggest challenge but as the BIG-IP is a HTTP proxy it is nice to be able to read the HTTP headers that are traversing the box. There is a very nice iRule that I found on DC (made by I think Hoolio (Aaron Hooley) that helps me a lot when troubleshooting client HTTP issues (rewriting, etc). Link to the iRule on my webpage: https://www.kees4ip.nl/?Knowledge___HTTP_LOGGING_IRULE DevCentral: Lastly, if you weren’t doing what you’re doing – what would be your dream career? Or better, when you were a kid – what did you want to be when you grew up? Kees: I never had a real dream career. My uncle was working at the Delft University and was a “computer” expert. During holidays I spent a lot of time with my uncle and aunt and they had an old teletype connected to a small microprocessor. I was playing mastermind all day. So for me it was almost natural to become an IT expert. Thanks Kees!We really appreciate your willingness to share. To stay connected with Kees on other social media channels: LinkedIn TwitterDevCentral's Featured Member for August - Sebastian Maniak
Our Featured Member series is a way for us to show appreciation and highlight active contributors in our community. Communities thrive on interaction and ourFeatured Seriesgives you some insight on some of our most active folks. You might remember him from the DC Connects Automation Episode, DevCentral member Sebastian Maniak is our Featured Member for August 2020! Let's learn more about Sebby! DevCentral: First, please explain to the DC community a little about yourself, what you do and why it is important. Sebastian: I am an entrepreneur/consultant. I focus on business and technology services aimed at helping Customers, Technology Manufacturers and Resellers succeed in deploying and securing their applications and infrastructure. I have been working with F5 products since 2006 deploying and PXE booting BIG3DNS Version 4.x. Since then I have delayed many versions and modules across the world for different Enterprises, Resellers and Financial institutions. In my free time I focus on family and health. I enjoy spending my free time with my kids and wife on the beach, a nice hike or hitting my local Cross-fit gym to throw some weight around. DevCentral: You’ve been an active contributor in the DevCentral community over the years.What keeps you involved? Sebastian: I use the DevCentral community almost daily to look up iRules, bugs, and fixes... etc. but to be honest I spend a lot of time on the F5 cloud slack channel. I am really grateful for the amazing F5 community and the relationships I have built with the SE’s around the world. DevCentral: Tell us a little about the technical expertise you have. Sebastian: I started as a Network engineer focusing on routing/switch, that moved into security and application delivery and now I focus my time on moving customers to embrace infrastructure as code. I have been focusing and following F5 technologies for almost 14+ years, deploying, fixing, patching and migrating applications onto all the F5 modules. DevCentral: You are an F5 Solutions Lead with Lyrical Security ? Can you describe your typical workday, how you manage work/life balance and the strong support of F5 solutions? How has the recent pandemic impacted your work? Sebastian: I have recently joined forces with the great team at Lyrical Security to help focus on Strategic Partnerships, business development and building out the best F5 practice in Canada. I am looking forward to start building more content and code to share with the community under the new Lyrical Security brand. My typical day starts off with a workout, I wake up early (5:30ish) to hit a morning Cross-fit class, ride on my Peloton Bike or Rowing machine for a good sweat to get the day going. If my kids are still sleeping ( 3 year old daughter and 1 year old son).. I try to answer some customers' emails and requests, to get ahead for the day. My typical work week/day varies depending on my customers needs and schedules.. Some weeks/days we are building and upgrading various F5s on-prem or in the cloud, other weeks/days we are troubleshooting odd issues. In my free time, I focus on learning, I have a couple hours scheduled in my work day to focus on improving my skills and learning something new. Ex. Last week I attended Eric Chen Consul+F5 webinar.. So this week I spent some time building out my own lab to understand how it all works. Covid19 impact on work/life balance hasn’t changed from my perspective, I have worked remotely for the past 10 years. The biggest adjustment was having my kids with me all day and managing my customers and their activities. I believe we have built a good routine now. DevCentral: Do you have any F5 Certifications? If so, why are these important to you and how have they helped with your career? Sebastian: Currently my certs are expired.. But I do believe that certs are important to get a fundamental understanding of a technology. At the beginning of my career they have helped me get established in the community and build trust with customers and resellers to use me as their F5 subject matter expert. DevCentral: Describe one of your biggest Customer challenges and how the community helped in that situation. Sebastian: I have used DevCentral and F5 Slack community to solve many challenges, from iRules to APM Variables settings, cipher best practices, ansible playbooks...etcBut back in 2014 or 15.. I was starting to play-around with Ansible and read an article by Joe King and Mark from WWT. His article described an ansible guide to onboard an F5 BIG-IP. With a simple playbook and a CSV that described the entire f5 config (NTP, VLANS, SYNC, SELFIP, Device Groups, VIPS, Pool Members...etc) I was able to provision many F5 Devices and VIPs in minutes, it changed the way I approached my engagements. I pivoted my path to focus more on automation and orchestration. Game change for me. I also had the opportunity to connect with Joe and Mark through webex to discuss their playbook and help me optimize my setup. I am really grateful that the community shares code and helps each other solve problems. DevCentral: Lastly, if you weren’t doing what you’re doing – what would be your dream career? Or better, when you were a kid – what did you want to be when you grew up? Sebastian: That’s a hard question, because I can't imagine doing anything else. I work with many different organizations, different people on different issues. It's fun jumping into a situation to solve an issue. But if i really had to dig deep … a Power Ranger! for sure, It would be awesome to save lives and drive the cool vehicles they had. ---Thanks Sebastian!We really appreciate your willingness to share.To stay connected with Sebastian on other social media channels: LinkedIn Twitter Lyrical Security
