LDAPS and renegotiation
Hello, hope everyone is well! we have a requirement to present 2 different issuer/signed certificates based on the incoming client IP. I am pretty sure from an HTTP perspective I would do something like this when CLIENT_ACCEPTED { if {([class match [IP::client_addr] eq signer_list_of_client_A_IPs]) } { SSL::profile cert_with_issuer_type_A } else { SSL::profile cert_with_issuer_type_B } } when HTTP_REQUEST { SSL::renegotiate } Question I have is whether this would work for LDAPS clients and how (if needed at all) the renegotiation step would be achieved, given that the HTTP_REQUEST will not be available. Many thanks Jon
Need help on i-rule to specific uri path
Hello All, I'm working on an i-rule that I need to do the following; given a set of specific source ip addresses, only allow access to specific uris of /ws/rest/external*. I set the specific source addresses in a data group, referencing the data group. When I apply this i-rule to the virtual server, on testing I get an Insecure HTTPS message. I am on version 15.8.1.2. We plan to upgrade to most stable release on 16 soon. Any suggestions on what I can do with the i-rule posted below? Thanks in advance. when CLIENT_ACCEPTED { if { [class match [IP::client_addr] equals Boomi_external] } { pool esd-bmapi-dc1-as01-f5.lanl.gov_8077_pool } } when HTTP_REQUEST { if ![HTTP::has_responded] { if { ([HTTP::host] equals "apigway-d.lanl.gov" or [HTTP::host] equals "apigway-d.lanl.gov") } { if { [HTTP::uri] starts_with "/ws/rest/external* " || [HTTP::uri] starts_with "/ws/rest/external*" } { pool esd-bmapi-dc1-as01-f5.lanl.gov_8077_pool } else { reject } return } } }
Content type hearder charset=UTF-8
Hello friends, We have a requirement to have WAF should only allow charset=UTF-8 in the Content-Type header. So curios does this cover by any rule in ASM policy or do we have to create a custom rule through iRule or other ? Basically our objective to accept only ute-8 and reject rest of any. Appreciate any inputs !!
ASM - Parent policy vs OWASPcompliance
Hi folks, I am implementing a WAF in my company and I would like to work with parent and child policies. This way, if we need to add something in general, I can apply it to the parent policy and it will replicate this change to the child policies, instead of going one by one and applying it individually. However, I found out that "Parent and Child Security Policies are not supported by the OWASP Top 10 compliance dashboard." So, I would like to know what the best approach is. Is it worth going ahead with the parent and child policies and ignore the OWASP compliance dashboard? Or, in terms of security, is it better to create a normal ASM policy without parent or child relationships?
F5 ASM Response logging show different timezone from Request logging
Dear All Respected Members, I have a question on f5 AWAF response logging. I am setting up a WAF policy to block attacks and monitor all traffic to and from the real servers. I can see the logs generated for both request & response, but it shown incorrect log timezone for responses. BIG-IP, real server and client are set local time zone GMT+7, but the repone logs are GMT. I have double checked timezone on all devices are configure correctly. Could you advise me what is the root cause and how to fix it? Thanks.Global Live Webinar (06/13): Protecting Healthcare Data with Epic and F5 Solutions
Protecting Healthcare Data with Epic and F5 Solutions This event is open to all F5 users regardless of geographic location. Part 1 Date: Thursday June 13, 2024 Time:10:00am PT | 1:00pm ET What's the webinar about? In an era where healthcare data is under constant siege from hackers, the imperative to safeguard patient information has never been more critical. As regulatory pressures mount and cyber threats evolve, organizations grapple with the daunting task of fortifying data security while maintaining uptime and performance. Enter F5 and Epic, an alliance dedicated to not only defending/protecting healthcare data but also ensuring its availability and optimizing performance. Join us for an illuminating webinar where Epic and F5 unveil their collaborative strides in bolstering security, uptime, and performance solutions for healthcare data and applications. Explore invaluable insights into safeguarding healthcare data while optimizing performance and ensuring uninterrupted availability. Learn more, register todayGlobal Live Webinar (06/18): Meet F5 BIG-IP Next: 4-Part Webinar Series: Part4
F5 BIG-IP Next 4-Part Webinar Series: PT4 (06/18): Get Zero-Trust App Access with F5 BIG-IP Next This event is open to all F5 users regardless of geographic location. Part 1 Date: Tuesday, June 18, 2024 Time:10:00am PT | 1:00pm ET What's the webinar series about? The F5 BIG-IP product suite is a trusted and versatile solution that organizations depend on to ensure the availability, performance, and security of their apps. As the application landscape continues to shift, BIG-IP must also adapt and evolve. Tune in to our four-part webinar series to discover the next generation of BIG-IP software that’s built to support the future application landscape. It’s the same BIG-IP that F5 customers know and trust, simply modernized and optimized for the future. You’ll see how the core app delivery and security functionality from BIG-IP carries forward to F5 BIG-IP Next with numerous systemic improvements that will streamline your day-to-day operations, bolster your security posture, and optimize application performance. Part 4 of 4 June 18th Webinar will cover: Get Zero-Trust App Access with F5 BIG-IP Next Join us for a look at BIG-IP Next Access, the next generation of F5 BIG-IP app access control. An API-first solution, BIG-IP Next Access delivers secure access-as-code. This means you can now integrate access security directly into the app development process — ideal for those embracing automation in security controls. Learn how this modern access security platform streamlines key use cases like Identity Aware Proxy and SSL VPN. A demo with BIG-IP Next Access Visual Policy Designer (VPD) will show how easy and fast it is to create policy with minimal UI work. Part 4 Speakers June 18th: Erin Verna, Principal Product Marketing Manager, F5 Luke Lehman, Principal Product Manager, F5 Mohamed Mahdy, Product Management Engineer II, F5 Register today, click hereGlobal Live Webinar(06/04): Meet F5 BIG-IP Next: 4-Part Webinar Series: Part3
F5 BIG-IP Next 4-Part Webinar Series: PT3 (06/04): Modernize Encrypted Threat Protection with F5 BIG-IP Next SSL Orchestrator This event is open to all F5 users regardless of geographic location. Part 3 Date: Tuesday, June 4, 2024 Time:10:00am PT | 1:00pm ET What's the webinar series about? The F5 BIG-IP product suite is a trusted and versatile solution that organizations depend on to ensure the availability, performance, and security of their apps. As the application landscape continues to shift, BIG-IP must also adapt and evolve. Tune in to our four-part webinar series to discover the next generation of BIG-IP software that’s built to support the future application landscape. It’s the same BIG-IP that F5 customers know and trust, simply modernized and optimized for the future. You’ll see how the core app delivery and security functionality from BIG-IP carries forward to F5 BIG-IP Next with numerous systemic improvements that will streamline your day-to-day operations, bolster your security posture, and optimize application performance. Part 3 of 4 June 4th Webinar will cover: Modernize Encrypted Threat Protection with F5 BIG-IP Next SSL Orchestrator Join this session to experience firsthand the transformative capabilities of BIG-IP Next SSL Orchestrator. Discover the pivotal enhancements that simplify and accelerate the deployment and management of encrypted traffic visibility and orchestration services. A demo will showcase BIG-IP Next SSL Orchestrator’s intuitive user interface, designed to streamline workflows and prioritize API-centric interactions. Part 3 Speakers June 4th Kevin Gallagher, Product Management Engineer, F5 Rachael Shaw, Product Marketing Manager, F5 Kevin Stewart, Principal Product Manager, F5 To learn more about the series, click hereGlobal Live Webinar (05/14): Meet F5 BIG-IP Next: 4-Part Webinar Series: Part2
F5 BIG-IP Next 4-Part Webinar Series: PT2 (05/14): Optimize Your WAF with BIG-IP Next This event is open to all F5 users regardless of geographic location. Part 2 Date: Tuesday, May 14, 2024 Time:10:00am PT | 1:00pm ET What's the webinar series about? The F5 BIG-IP product suite is a trusted and versatile solution that organizations depend on to ensure the availability, performance, and security of their apps. As the application landscape continues to shift, BIG-IP must also adapt and evolve. Tune in to our four-part webinar series to discover the next generation of BIG-IP software that’s built to support the future application landscape. It’s the same BIG-IP that F5 customers know and trust, simply modernized and optimized for the future. You’ll see how the core app delivery and security functionality from BIG-IP carries forward to F5 BIG-IP Next with numerous systemic improvements that will streamline your day-to-day operations, bolster your security posture, and optimize application performance. Part 2 of 4 May 14th Webinar will cover: Optimize Your WAF with BIG-IP Next Join this session to gain valuable insights, guidance, and best practices for a successful transition to BIG-IP Next WAF and discover many benefits along the way. A live demo will guide you on defending applications against various threats, boosting your app development and security efficiencies, and optimizing your WAF with speed and simplicity. Part 2 Speakers May 14th: Navpreet Gill (Navi), Sr. Product Marketing Manager, F5 Nir Ashkenazi, Product Manager III, F5 To learn more about the series, click here
