Forum Discussion
nathe
Oct 06, 2014Cirrocumulus
- yes
- last week's update was that the only exploit f5 had seen against the management gui was when authenticated only. This is important to note. i.e. user had to have admin/root, for example, privileges to exploit the gui with an attack.
F5's advice (and constant best practice anyway) is to have the mgmt interface connected to a secure, private subnet only, and any self-ips that are externally facing need to have 443 access disabled.
Hope this helps,
N