The Global Leader in Application Delivery Networking

F5 Networks

Subscribe to F5 Networks: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get F5 Networks: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories

The time of year when crystal balls get a viewing and many pundits put out their annual predictions for the coming year. Copying off since 2012, rather than thinking up my own, I figured I’d regurgitate what many others expect to happen. Top 10 Cyber Security Predictions for 2018 – Infosec Institute kicks off this year’s Top 10, Top 10 list with a look back at their 2017 predictions (AI, IoT, etc.) and dives head first into 2018 noting that Ransomware will be the most dangerous threat to organizations worldwide; cryptocurrency will attract fraudsters looking to mine; cloud security will (again) be a top priority; cyber insurance will explode and cyber-bullying, especially for teenagers, is at the emergency stage. Cyber security predictions for 2018 – Information Age taps Mike McKee, CEO of insider threat management company ObserveIT, to offer his insight. Lack of ... (more)

Blog Roll 2017

It’s that time of year when we gift and re-gift, just like this text from last year. And the perfect opportunity to re-post, re-purpose and re-use all my 2017 entries. If you missed any of the 64 attempts including 16 videos, here they are wrapped in one simple entry. I read somewhere that lists in articles are good. I broke it out by month to see what was happening at the time and let’s be honest, pure self-promotion. Check out our Featured Members for the year, dig into June’s Cloud Month, catch up on some #Basics or sit back and watch some cool Lightboard videos. I truly appreciate your engagement throughout 2017 and Have a Safe and Happy New Year! ​​​January 2017 OK 2017, Now What? Lightboard Lessons: What is MQTT? Deploy BIG-IP VE in AWS What is Load Balancing? What is an Application Delivery Controller – Part I What is an Application Delivery Controller – Pa... (more)

Is 2017 Half Empty or Half Full? | @ThingsExpo #AI #ML #DX #IoT #SmartCities

With 2017 crossing the half way point, let’s look at some technology trends thus far. Breaches: Many personal records are half empty due to the continued rash of intrusions while the crooks are half full of our personal information along with some ransom payments. According to the Identity Theft Resource Center (ITRC), there have been 7,689 breaches since 2005 (when they started tracking) compromising – get this – 900,315,392 records. Almost 3 times the U.S. population. In 2016, 56% of all Data Breaches began with a user clicking on a phishing email. The big story for 2017 I think, is the rise of ransomware. Kaspersky reports a 250% increase in ransomware for the first few months of 2017. From WannaCry to Petya to Fusob, criminals are holding systems hostage until a ransom is paid…or not. Ransomware seems to be this year’s big trend with backups saving some from to... (more)

The OWASP Top 10 – 2017 vs. BIG-IP ASM

With the release of the new 2017 Edition of the OWASP Top 10, we wanted to give a quick rundown of how BIG-IP ASM can mitigate these vulnerabilities. First, here’s how the 2013 edition compares to 2017. And how BIG-IP ASM mitigates the vulnerabilities. Vulnerability BIG-IP ASM Controls A1 Injection Flaws Attack signatures Meta character restrictions Parameter value length restrictions A2 Broken Authentication and Session Management Brute Force protection Session tracking HTTP cookie protection A3 Sensitive Data Exposure Data Guard A4 XML External Entities (XXE) Attack signatures (see below) A5 Broken Access Control File types URL URL flows Session tracking URL flows Attack signatures (Directory traversal) A6 Security Misconfiguration Attack Signatures A7 Cross-site Scripting (XSS) Attack signatures Parameter meta characters Parameter value length restrictions Par... (more)

Mitigate L7 DDoS with BIG-IP ASM

Today, let’s look at a couple ways to mitigate an application DDoS attack with BIG-IP ASM. We’ve logged into a BIG-IP ASM and navigated to Security>DDoS Protection>DDoS Profiles. In the General Settings of Application Security, we’ll activate an application DoS iRule event. We’ll click TPS-based Detection to see the temporarily lowered TPS thresholds to easily simulate an attack. Often, there are multiple mitigation methods that are sequentially applied as you can see with the Source IP settings. We can also record traffic packet captures during attacks for post analysis. When the user requests a web application proxied by BIG-IP ASM, ASM will create a unique identifier or a Device ID. ASM will inject JavaScript to register each client device. You can see X-Device-ID: at the bottom. And JavaScript incapable clients never make it through. Now that the unit is re... (more)

Lightboard Lessons: What are Bots?

In this Lightboard Lesson, I light up some #basics about internet bots and botnets. Humans account for less than 50% of internet traffic and the rest is spread between the good bots and bad ones. ps Related: The Facts about Botnets The state of botnets in late 2015 and early 2016 What are bots? ... (more)

What Is #MQTT? | @ThingsExpo #IoT #M2M #RTC #DigitalTransformation

The mad dash to connect virtually every noun to the internet or the Internet of Things is creating a massive M2M network for all the devices, systems, sensors and actuators to connect & communicate on the Internet. With that, they need a communications protocol to understand each other. One of those is Message Queue Telemetry Transport (MQTT). MQTT is a “subscribe and publish” messaging protocol designed for lightweight machine-to-machine (or IoT) communications. In this episode of Lightboard Lessons, I light up how MQTT works. ps Related: IoT Ready Infrastructure IoT Effect on Applications IoT Influence on Society What are These "Things? The Intruders of Things Internet of @ThingsExpo, taking place June 6-8, 2017 at Javits Center, New York City, is co-located with 20th International @CloudExpo and will feature technical sessions from a rock star conference facult... (more)

Cloud Needs Context-Aware Provisioning

The awareness of the importance of context in application delivery and especially in the “new network” is increasing, and that’s a good thing. It’s a necessary evolution in networking as both users and applications become increasingly mobile. But what might not be evident is the need for more awareness of context during the provisioning, i.e. deployment, process. A desire to shift the burden of management of infrastructure does not mean a desire for ignorance of that infrastructure, nor does it imply acquiescence to a complete lack of control. But today that’s partially what one can expect from cloud computing . While the fear of applications being deployed on “any old piece of hardware anywhere in the known universe” is not entirely a reality, the possibility of having no control over where an application instance might be launched – and thus where corporate data ... (more)

A Living Architecture

You often hear people say, ‘oh, this is a living document,’ to indicate that the information is continually updated or edited to reflect changes that may occur during the life of the document. Your infrastructure is also living and dynamic. You make changes, updates or upgrades to address the ever changing requirements of your employees, web visitors, customers, partners, networks, applications and anything else tied to your systems. This is also true for F5′s Reference Architectures. They too are living architectures. F5′s Reference Architectures are the proof-points or customer scenarios that drive Synthesis to your data center and beyond. When we initially built out these RAs, we knew that they’d be continuously updated to not only reflect new BIG-IP functionality but also show new solutions to the changing challenges IT faces daily. We’ve recently updated the I... (more)

The IoT Ready Platform By @PSilvas | @ThingsExpo #IoT #API

Over the last couple months, in between some video coverage for events, I’ve been writing a series of IoT stories. From the basic What are These "Things”? and IoT Influence on Society to the descriptive IoT Effect on Applications and the IoT Ready Infrastructure. I thought it only fair to share how F5 can play within an IoT infrastructure. Because F5 application services share a common control plane—the F5 platform—we’ve simplified the process of deploying and optimizing IoT application delivery services. With the elastic power of Software Defined Application Services (SDAS), you can rapidly provision IoT application services across the data center and into cloud computing environments, reducing the time and costs associated with deploying new applications and architectures. The beauty of SDAS is that it can provide the global services to direct the IoT devices to... (more)

TMOS Redefining The Solution

The TMOS architecture, a collection of real-time features and functions, purpose-built and designed as a full-proxy solution with the power and performance required in today’s network infrastructure. You can get the full PDF at: tmos-wp.pdf Download now or listen on posterous AudioWP_-_TMOS_Redefining_the_Solution.mp3 (25479 KB)   ... (more)