Forum Discussion
GVIJ_208206
Jul 15, 2015Nimbostratus
Followup question.
Since F5 would be placed in the customers DMZ network and acting as a proxy (HTTPS/WebSocket) between the Internet client and the Internal application server, are there any major security risks associated with WebSocket connection between Client and the Server?
The Internal application is built on JDK and if exploited via WebSocket connection, could allow the hacker to access the program flow and modify the code. This is the customer concern.
If there is any best practice documentation for F5 configuration to protect against this kind of WebSocket vulnerability, please let me know
Thank you