WhiteBoard Wednesday: HTTP Strict Transport Security
In this edition of Whiteboard Wednesday, we discuss the topic of HTTP Strict Transport Security (HSTS). This interconnected world is quickly moving toward encrypting everything, and it's nice to know some of the capabilities that are available today. This video highlights what HSTS is, how it can be used, and how you can implement it using the BIG-IP. Enjoy! Related Resources: Implementing HSTS using iRules Implementing HSTS in LineRate Update - Implementing HSTS in Policy: ltm policy hsts_handling { controls { forwarding } requires { http tcp } rules { hsts_header_insert { actions { 0 { http-header response insert name Strict-Transport-Security value "max-age=31536000; includeSubDomains; preload" } } ordinal 2 } nonssl_redirect { actions { 0 { http-reply redirect location https://[HTTP::host][HTTP::uri] } } conditions { 0 { tcp port values { 80 } } } ordinal 1 } } strategy first-match }1.4KViews0likes11CommentsWhiteboard Wednesday: iCall Overview
Jason takes a high level view of the iCall event-based automation system on F5 BIG-IP. Resources Articles iCall Introduction Configuration Backups Disable Interface on Unavailable Pool Codeshare Samples Technorati Tags: icall, f5 big-ip, tmsh737Views0likes2CommentsWhiteBoard Wednesday: SSL Renegotiation
We all know that a client and a server have to negotiate a connection before they can talk securely via HTTPS. But, did you know that, in some cases, that same client and server will need to "renegotiate" their secure connection while they are still talking securely? In this video, John talks about SSL renegotiation and covers a new feature in the BIG-IP that helps protect web servers from potential asymmetric DoS attacks. Enjoy! Related Resources: https://devcentral.f5.com/s/articles/ssl-profiles-part-6-ssl-renegotiation338Views0likes2CommentsWhiteBoard Wednesday: Local Traffic Policies
In this edition of WhiteBoard Wednesday, we discuss Local Traffic Policies. Many customers use iRules to provide flexibility and customization for their HTTP traffic, but now (starting in 11.4) Local Traffic Policies are available to handle many of the issues that were once solved by iRules alone. Local Traffic Policies are extremely fast and efficient, so check out the video below and start to implement them for yourself! Related Resources: Overview of the Local Traffic Policies Feature Local Traffic Policy Overview185Views0likes0CommentsWhiteBoard Wednesday: Breaking Down the TLS Handshake
In this edition of WhiteBoard Wednesday, we look at the Transport Layer Security (TLS) Handshake. TLS has become an extremely popular protocol used today, and it's important to know some of the details of how a client and server interact when using this protocol. The TLS handshake is the initial set of transactions that happen between client and server, and this video explores all the exciting details of that handshake. Enjoy! Related Resources: https://devcentral.f5.com/s/articles/whiteboard-wednesday-ssl-ciphers https://devcentral.f5.com/s/articles/security-sidebar-improving-your-ssl-labs-test-grade https://devcentral.f5.com/s/articles/i-trust-certificate-authorities-but-i-have-no-idea-why239Views0likes0CommentsWhiteBoard Wednesday: All About Profiles
In this edition of WhiteBoard Wednesday, John explores the space of BIG-IP Profiles. What are they? Why do you need them? Do you know? Watch the video and find out for yourself...then, by all means, get out there and start creating some custom profiles!175Views0likes0CommentsWhiteBoard Wednesday: Explaining the Logjam vulnerability
In this edition of Whiteboard Wednesday, John explains the recent logjam vulnerability and discusses why it is important. This vulnerability has received significant coverage in the past several days (it even has its own website), and it's important to know the basics of what it is and how it affects your web applications. John also covers a few logjam mitigation steps that will ensure your web applications stay secure. Related Resources: David Holmes article on Logjam remediation:https://devcentral.f5.com/s/articles/remediating-logjam-an-irule-countermeasure Logjam mitigation iRule (written by Jason Rahm):https://devcentral.f5.com/s/articles/logjam-mitigation212Views0likes0Comments