Thursday, December 13, 2018

F5 Labs 2018 Phishing & Fraud Report

The F5 Labs 2018 Phishing & Fraud Report is out!

In this report, the F5 Labs team specifically investigated the rise of phishing and fraud during the 'holiday shopping season,' beginning in October and continuing through January. Fraud and phishing attempts increase 50% right now, from October to January and phishing was the root cause of 48% of the data breaches that F5Labs investigated. It's important to check out the report because it explains how phishing works, how to defend yourself against phishing attacks and the importance of training employees to recognize malicious emails.

Some of the crazy stats they found include 93% of phishing domains offered a secure (https) version of the site to appear more legitimate and 68% of malware sites used encryption certificates (https), meaning 68% of Command & Control servers use port 443. The crooks are going through the trouble of getting SSL certificates for their fake, but real looking sites.


Take a look at some of these. Do any of these web logins look familiar?


How about this one?

Or maybe this one?


If so then you need to check out the 2018 Phishing and Fraud report from F5 Labs because they were all fake. Attackers are getting so good at creating fake websites that impersonate the real thing, most people can’t tell the difference. One thing is for certain, employee click-through rates on phishing emails drop from 33% to 13% with security awareness training:
  • 33% — 1-5 training events
  • 28% — 6-10 training events
  • 13% — 11 or more training events
You can check out the Preview Video here and get your report at https://www.f5.com/labs


ps




Friday, September 21, 2018

Me:Recently

(Or, How I Mandela’d Myself Back into a Job)

Almost every week for over a decade, I’d tap some words out on a keyboard and push the story out for folks to read. And much to my glee, you did engage, share, comment and seemed to genuinely enjoy what I had to say. I wrote about technology topics like information security, IoT, mobile, access, high availability, application delivery and many others tied to my job at F5. I shared my life experiences like my daughter’s rare genetic disorder (HI/HA GDH), getting lost in Italy or certain milestones in my existence. I’ve also reported on societal topics like identity theft, regulations, social engineering and the still popular, ‘Does Social Media Reflect Society?’ I also produced and published hundreds of videos covering some of the same technology topics since I really enjoy that medium.

A time where I could share my areas of interest and you would return for more every week. It was a wonderful relationship and I was very grateful for the opportunity to expand my creative energy. As the audience grew, I felt even more compelled to keep the consistent cadence of material since it was readily consumed.

That exchange abruptly ended two months ago in the last week of July and I’m sorry to have recently disappeared.

But there is a happy ending.

I happened to get caught up in a ‘reduction of workforce’ situation but had the opportunity to potentially secure another open position. I figured I’d at least give that a go since I truly enjoyed the company, people and believed in the services we offer. Plus, I was dreading having to make a potential two-hour commute in each direction, each day to get to an office. I’ve been a remote employee for almost a decade, but I would have of course, if it came down to that. However, I wanted to avoid that nightmare.

And, I believed and visualized in my mind that it would work out. This is important.

That Wednesday night my wife and I went through the typical shock mumbling things like, ‘What are we gonna do,’ ‘Are we going to be fine,’ and ‘What about insurance,’ among many others. We also poured out, ‘We’re gonna be ok,’ ‘Things will work out,’ ‘Everything happens for a reason,’ and so forth.

I’m one of those people who believe in the Law of Attraction and the notion that if you visualize, feel the good energy and put it out there, it happens. Whether through prayer, meditation, chanting, etc, you can make your future. There are many of those inspirational quotes about making it happen. Emerson said, ‘Once you make a decision, the universe conspires to make it happen.’ Michael Jordan noted, ‘Some people want it to happen, some wish it would happen, others make it happen.’ Eckhart Tolle said, ‘You are the universe becoming conscious of itself.’ Hiro Boga said, Immerse yourself in the energy of what you desire.’ And of course, Buddha taught, ‘The mind is everything. What you think, you become.’

I lamented that evening that since I believed in the ‘make it happen’ routine, that maybe, I had done it to myself. If I truly lived by that code, then I can’t just choose to accept the good things that occur…I must also concede to some of the bad stuff too. I admitted to my wife that recently I hadn’t really felt as secure as I should and had worried that something could happen. Not due to poor performance but more along the lines of, ‘Geeze, what would I do if I lost my job?’ Or, ‘Wow, I’m so fortunate to have what I have cuz I’d hate to be doing, whatever it was that I was looking at, at the time.’ Typical, normal human anxiety thoughts...or maybe I was receiving advanced notice. I’d even shoo those thoughts away when worrying saying, ‘Knock it off - if you keep thinking that, then it’ll happen!
I told my wife, ‘Well, I’ll just have to Mandela myself back into a job,’ and I fell asleep chanting, ‘I’m gonna make it back,’ with the logo visualization in my mind.

For those wondering what ‘Mandela’ myself means. There’s a phenomenon called the Mandela Effect. It’s when a large swath of the population seem to remember something being a certain way, often different than what history indicates. It got the moniker from researcher Fiona Broome about her false memory of the death of South African leader Nelson Mandela when, in fact, he was still alive. She says, ‘The Mandela Effect is evidence that you may have experienced events from a different reality. Finding others with similar memories can affirm that.’ There are many, many examples of this from food items to car logos to TV shows to geography.

So, the idea was to change my history and make my future, harnessing the universe’s power, to get me back to the place I desired.

The next day, Thursday, I got up like any other day going through my normal routine. I wasn’t going to sit around and wait for something…or take my time to see what’s out there…I was going to make something happen. My early morning walk which includes some chanting, mediation and praying allowed me to further send my intentions out. I envisioned myself back working with my colleagues and specifically thought about a certain Sr. Director that I might contact to see if he had any headcount. I’ve known and worked with this person for years but never side-by-side. And I will admit that we’ve had some philosophical differences over the years, but our discussions were always respectful, pleasant and we walked away with a better understanding of each other. I always knew it wasn't personal and we were both coming from a place of passion for the good of all. During that morning walk, I really pushed my energies to be able to connect since my job that day, was to find a job.

Many folks who face and have faced this same dilemma talk about relaxing a bit, taking your time to find what’s out there, maybe even change careers completely or start their own business. That new doors open when others shut and most times, it’s for the better. I agree wholeheartedly with that yet my situation is a bit different and I really didn’t have the luxury to ‘find myself’ over the course of six months. You may be aware that my daughter has a rare genetic disorder and medical insurance is a critical part of her survival. Cobra is nuts expensive and I would have had to apply to keep her around. I would have done whatever was necessary to keep my family safe and had a little time to figure it out but for me personally, I needed to jump on finding something without delay.
I prepared my resume, which after working for the same company for 14 years was a bit daunting. Like, what do resumes look like these days? There had to have been some improvement or advances over the last decade. There’s that but also, how do I capture my accomplishments over that time? Honestly, I used my LinkedIn profile. I had updated it over the years as my positions changed and it included the info I needed.

That day I also started messaging/emailing/contacting many friends, both internal and external, to let them know I was seeking employment. We all make a lot of friends over the course of our career and studies suggest that those relationships can help with new opportunities. Plus, I’d like to think that they know my skills, knowledge and ability to help similar organizations.

And all the while that day I was chanting, ‘Like a fuckin’ phoenix rising from the ashes…’ I also started to put out there, ‘Wouldn’t be cool if I could secure something by the end of the week!’ Over and over.

That first day I applied to a couple internal positions and a few external. I used the entire day to see what’s out there, get the word out, prepare my resume and…keep the faith. I felt I had a productive day until later in the afternoon when I explained to my daughter the impact of this. ‘You know Daddy lost his job yesterday.’ With the innocence of a 12-year-old she asks, ‘So how are you gonna get it back?’ ‘I don’t know…I’ll try for something else with the same company or I’ll need to find something with another company, but we’ll be OK,’ I said hoping to dampen any anxiety on her part. She then told me that I needed to make sure I didn’t have to go to an office every day, so I could still drop her off at school, which I’ve been doing since pre-school. I replied that I hoped it would still be that way, but I’d needed to go where my work takes me.

The one thing I didn’t do that day is contact the Sr. Director I was thinking about earlier that morning, but I did feel, as mentioned earlier, that I had a productive day so let that percolate and see what happens.

The next day, Friday, we had to be in LA for some personal stuff related to our civil matter. Around 1:00 PM out of the blue, I get a text from that Sr. Director that I’d been thinking about. Holy Shit. He asks if I had some time to chat after 3:00p that day and I’m like, ‘Sure!’ I got nothing going on.
My phone rings around 2:00p and since we’re in the car heading home, I quickly find a place to park to take the call. He says he just heard what happened and that he has an open headcount but for first quarter. AND, he thinks I’m perfect for the role! There were still some departmental, procedural and other hurdles but that he was going to do whatever it takes to ensure it gets done within my grace period, so I can keep continuous employment…but to relax and know there something there for me.
I’m stunned.

With tears welling my eyes I tell him, ‘Dude, you’re gonna save my ass!’ He replies, ‘No, you’ve been a top performer for years and I can’t wait to have you on the team.’ I look at the clock in the car and say, ‘You know, it’s been almost exactly 48 hours since I got the call about the separation. You have no idea how thankful I am!’ We talk a bit more about the role and what needs to happen but by the end we had a verbal pinky shake. To my amazement, he even followed up with a summary text of what we discussed! I’m blown away both by the opportunity and the fact that he put it in writing. This guy is sticking his neck out to help me. I had to pull over again to read it and gather my excitement.

I turn to my daughter and say, ‘I got my job back!’ Didn’t matter that it was slightly different, but the fact that I was able to return to the company and people that I’ve loved for almost 15 years was incredible. In a position that is somewhat of a homecoming for me. Within 46 hours of being cut and before the week was over, it happened exactly as I asked, up to and including the specific Manager.
I was part of the original Security Business Unit at F5 back in 2004 as one of the original Security Solution Architects positioning F5 as a security company with FirePass (SSLVPN that became BIG-IP APM) & TrafficShield (WAF that became BIG-IP ASM). During this time, I was part of a handful of people sharing F5's first security story. I was giddy that after all this time, I’d be able to return to my roots of evangelizing the benefits of our security solutions.

I couldn’t stop smiling on the way home and immersed in the notion that I set it motion, including the individual, just a couple days earlier. Speechless.

I slept better than I had in months that night. Security is also peace of mind.

Saturday rolls around and you know the routine, did that really happen? YES! It did. Of course, I thought that it could fall through but kept going back to that text he sent and pushed that out to make sure the events would follow.

Over the course of the next few weeks he kept in constant contact, even touching base just to see how things were and to make certain, insisting in fact, that I was taking the time to relax so I’m fresh when I start. I can’t say enough about him and he followed through – above and beyond - on everything.

A couple weeks after the initial contact I signed my offer letter and officially started up again, this time doing Security Marketing and am thrilled to join such an amazing team.

And too, this break was a blessing in disguise. I had the time to focus on some family matters and take care of some things that I probably wouldn’t have been able to; I got to relax on Tuesday mornings while the rest of you labored (Ha!); I got to spend more time with my wife and kid as summer vacation was winding down; I was secure knowing a job was waiting for me; and it reinforced, for me, that you really can change your path with your thoughts and energy. With a little help, of course.

So that’s what’s been going on. Sorry I’ve been away but soon I’ll be back to my regular cadence and hope you continue to follow. I delayed writing this and debated posting it but thought that probably 98% of us will go through something similar and if my experience helps, no shame. In fact, I’m quite proud and somewhat astonished that it happened like this.

Oh, and that Sr. Director who pulled me from the ashes? Preston Hogue. A person with a heart of gold, impressive security knowledge, great sense of humor and a man of his word. Thank you, Preston, for the warm welcome.

And for those who might be in the same situation: Seriously - see it, feel it, believe it.

It will happen.

ps

Wednesday, July 18, 2018

The DevCentral Chronicles July Edition 1(7)

July is my favorite month due to it being both the middle of summer and I was born in July. This month I’ll drip of perspiration and celebrate another twist in the odometer of life. It’s also time for our monthly Chronicles where we keep you updated on DevCentral happenings and highlight some of the cool content you may have missed since the last issue. You can always catch up with the links at the bottom. Welcome!

With #F5Agility18 right around the corner August 13-16, 2018, let’s kick off this edition with John Wagnon‘s Capture The Flag at Agility 2018. Happening Tuesday night Aug 14, block your calendar for our #Geekfest event, Hack to the Future! This year, for the first time ever during our Agility conference, we will host a Capture The Flag game.  The game is designed for eight teams (4 people per team) to compete against one another to see who can capture the most flags, earn the most virtual money, and keep their web application safe from attack.  The teams will be chosen prior to the event, so if you want to be included in one of the teams, make sure you reach out to your SE and get the invitation.  DevCentral MVP’s Kai, Stan, Leonardo & Nathan with Bart as Pit Boss will also participate. The entire evening will be themed with tons of cool 80s stuff related to the classic movie series.

Next, we’d like to recognize F5 Systems Engineer, Steve Lyons for his prowess over the last month. First, Steve is one of our most engaged SE’s amplifying our social channel at every tweet; he published three, in-depth articles Configuring the BIG-IP as an SSH Jump Server using Smart Card Authentication and WebSSH Client, Configuring Certificate Based Authentication and Kerberos Constrained Delegation in F5 Access Policy Manager (APM) and Configuring Endpoint Security (Client-Side) Using F5 Access Policy Manager (APM); in addition to answering 5 questions from members. He’s highly active and has the technical know-how to help. Follow Steve @SteveLyonsF5

Jason Rahm and his infinite knowledge continued his python series with Getting started with the python SDK part 5: request parameters revisited and also replied to a twitter question from @CISCO_World with a full article about Duplicating BIG-IP Objects about how to copy a virtual server.

For the developer crowd, ENE Satoshi Toyosawa added his iControl REST Cookbook - Virtual Server Profile (LTM Virtual Profiles). For cloud folks, Chase Abbott shows off Application Auto Scaling Through BIG-IP Cloud Edition and for security, John lit up Introducing F5 DataSafe in his #LightboardLesson.

And in closing, Rhazi Youssef from e-xpert Solutions is our Featured Member for July and is the third engineer we've featured from e-Xpert Solutions SA.

We look forward to seeing you in Boston for Agility and as always, you can stay engaged with @DevCentral by following us on Twitter, joining our new LinkedIn Showcase page or subscribing to our YouTube Channel. Look forward to hearing about your BIG-IP adventures.

The Chronicles:

Monday, July 2, 2018

DevCentral's Featured Member for July - Rhazi Youssef

Our Featured Member series is a way for us to show appreciation and highlight active contributors in our community. Communities thrive on interaction and our Featured Series gives you some insight on some of our most active folks.

Rhazi Youssef has been a very active DevCentral member since 2012 and the third engineer we've featured from e-Xpert Solutions SA. Initially Rhazi was a bit reluctant to participate as he's a quiet, humble guy and we're thrilled that he's DevCentral's Featured Member for July!
Let's learn a bit more about Rhazi.

DevCentral: Please explain to the DevCentral community a little about yourself, what you do and why it’s important.
Rhazi: I’m a security engineer since 2009 working in Geneva (Switzerland), a region with several security projects involving F5 BIG-IP (GTM, LTM, ASM, APM). My interest began early when I started and installed several security equipment like Mail relay, FW, SIEM&SEM, web proxy… 
But I admit that my job became more interesting when I started to approach the application part. I am talking about WAF (ASM), perimeter security (APM), LTM (LB, optimization,)… 
I immediately bonded with this product since it is very rich, complete and scalable with its time. It is for this reason that I invested heavily on this product by passing for example all my certificates which gives me today the title of “Security Solution Expert” (401).
DC: You are a very active contributor in the DevCentral community. What keeps you involved?
RY: First off, like everyone else I admit that Devcentral has already allowed me to get out of trouble and not just once, and I thank the community for this. The DevCentral community is very much involved in sharing, helping and informing members. This work done by the community helped me a lot in my work (I upgraded my skills) so I think it is normal for me to give back to the community that helped me...and offer advice that will help with experience and knowledge the community to move forward.
My investment in the community is even easier since F5 is a product that is very important to me. 
Today I work primarily on F5 BIG-IP (APM, ASM, LTM, GTM, WebSafe) which allows me to have an important experience on the potential problems that one can meet during a deployment, so it's the least of the things to help the community when I can.
DC: Tell us a little about the areas of BIG-IP expertise you have.
RY: These last 6 years I worked mainly on F5, I had the chance to work with some very great customers that I cannot mention :-). I deployed all types of hardware until VIPRION. And today I work on almost all of the BIG-IP modules (ASM, APM, LTM, GTM, VCMP, LC, WebSafe). 
The advantage with F5 is that you cannot get tired of this product. It is rich, complete and scalable. For example the APM that allowed me to meet the needs of our customers by going from the identity federation (SAML) to Oauth&OpenID connect. But still it's the same thing for ASM and other modules. We do not say it often enough but this product allows us to be up to date in terms of security; I'm talking about authentication protocols that the APM offers, different security methods carried by the ASM ... all these aspects allow us to maintain our level and to learn ...
DC: You are a Sr. Security Engineer with e-Xpert Solutions SA. Can you describe your typical workday, how you manage work/life balance and the strong support of F5 solutions?
RY: As everyone knows the job of Security Engineer is not easy. We must manage several clients, several projects, manage customer support, communicate with clients (vulnerabilities, news), schedule management, project tracking,... 
So every morning I spend quite some time to manage my emails, my calendar and answer to my customers. I am registered to F5 RSS feed, which keep me updated on CVE, I also follow many f5 webinars (I usually watch them later when they are online).
At e-Xpert solutions I am product manager of F5 solution, so I have to inform my colleagues about vulnerabilities or any new features, I must also regularly write news that we publish on our website. The other PMs do the same thing with their own products which also allows me to be informed about the other products of our portfolio. 
During my working day I connect regularly to DevCentral when I have some time to help or learn about some interesting topics. For me, helping the community is not binding. On the contrary, certain questions allow us to update ourselves on certain subjects and to exchange on our different points of view. 
I finished my work day in the evening by doing a small check of my mails and a pass on my usual information sites which included DevCentral. I almost forgot I work out every 3 days and I try to run at least every 2 days (no excuse for gym time!). 
If you are interested, here is the website of the company in which I evolve: https://www.e-xpertsolutions.com/

DC: You have a number of F5 Certifications. Why are these important to you and how have they helped with your career?
RY: 8 months ago I had my last certification “Security Solution Expert” (401). Having all these certifications was very important to me. First of all in order to guarantee a high level of expertise to our customer. Moreover this certification process obliges us to study and consequently to update us on the different modules. 
These certifications are like a quality label, our customers appreciate when the engineers who intervene has the higher level of certification. 
Moreover with the experience that I have, I think that the passage of these certifications allow us to have a richer view of the product and consequently to propose to our customers the best possible alternatives according to their needs.
DC: Describe one of your biggest BIG-IP challenges and how DevCentral helped in that situation.
RY: DC allowed me several times to solve the different problems I encountered. Things that seem simple to me today but that was not at the time I posted them and caused me quite some problems (Kerberos delegation, Kerberos authentication, Sideband, DDOS using iRule with session table …). 
I remember that I had to set up a perimeter of security to protect an application using the APM (I know it looks pretty simple). But I realized that the application was contextual (Web and JNLP) and that the APM session cookies were not propagated on to other contexts, so JNLP part could not connect. 

I will not go into the technical details but I had to create an iRule that used a table of correspondence between the cookie APM and the JNLP JSessionID that I stocked in a table session. Later I made an SSO on the backend application using the sideband (SSO profiles APM was not suitable). DC allowed me to build my iRule and sincerely without DC I would have had a lot of trouble and it would have taken me took a lot of time. And lastly DC allowed me to set up a fakeadfs using iRulesLX (and without DC, I do not think I could have done it alone).
DC: Finally, if you weren’t an IT admin – what would be your dream job? Or better, when you were a kid – what did you want to be when you grew up?
RY: When I was little and did not have school I spent my whole day on the football fields. I could play for 6 hours of suites without stopping. I loved football and I still do. So as you guessed I wanted to become a professional. But reality has taken over the dreams. Growing up I discovered computer science I started to build/dismantle my pc to add ram, change the hard drive, buy new graphics card for games... and little by little, I ended up in IT and I really do not regret it, but I admit that if I could have had the career of Ronaldo and also his salary I would not have mind either.
Thanks Rhazi!
Check out all of Rhazi's DevCentral contributions, connect on LinkedIn and follow e-xpert Solutions on LinkedIn.

If there is a DevCentral member you think should be featured, let us know in the comments section!

Tuesday, June 19, 2018

The DevCentral Chronicles June Edition 1(6)

Heading into the summer months is always a nice time of year – school is out, warmer weather, BBQs, beaches, baseball and maybe some vacation time. And hopefully all the Dads had a nice Father’s Day as we dive into our 6th installment of the DC Chronicles. The Chronicles are intended to keep you updated on DevCentral happenings and highlight some of the cool content you may have missed since the last issue and you can always catch up with the links at the bottom. Welcome!

We had 20 new articles published since Volume 1, Issue 5, including 5 new Lightboard Lessons! We really enjoy making these and you, the audience, certainly express your enjoyment in watching. John Wagnon lit some cool security related topics like, Explaining TLS 1.3, What Are AEAD Ciphers? and The TLS 1.3 Handshake while Jason Rahm drew up the F5 software lifecycle and BIG-IP Cloud Edition Overview. Since we’re on Cloud, Chris Zhang also wrote up how to Achieve firewall high-availability in Azure with F5.

We also published a bunch of materials about our new BIG-IP Cloud Edition. BIG-IP Cloud Edition is designed to enable easy to use and fast self-serve deployments of application services in private and public clouds and is composed of BIG-IP Per-App VEs and BIG-IQ CM 6.0. To get the scoop, you can check out the BIG-IP Cloud Edition FAQ, Building Applications For The Rest Of Us With BIG-IQ 6 and Skies Never Looked So Good With BIG-IP Cloud Edition. DevCentral’s Chase Abbott lays out the details.

Moving from Cloud to Security, several vulnerability mitigations from our SIRT team dropped recently. You got coverage for Remote Code Execution with Spring OAuth Extension (CVE-2018-1260), a New BIG-IP ASM v13 Drupal v8 Ready Template, and a New BIG-IP ASM v13 WordPress v4.9 Ready Template. Also filed under Security, Steve Lyons showed how to Configure Smart Card Authentication to BIG-IP Management Interface.

Other highlights include Lori MacVittie’s Three HTTP Routing Patterns You Should Know with Eric Chen’s follow on, SNI Routing with BIG-IP. Chen also gives us Clone Pool Across L3 explaining how you can use the “clone pool” feature to copy traffic to an IDS and/or network monitoring device. Jason continues his Getting started with the Python SDK series covering Working with Statistics and Working with Request Parameters and finally, Jie Gao was DevCentral's Featured Member for June.

As always, You can stay engaged with @DevCentral by following us on Twitter, joining our LinkedIn Group or subscribing to our YouTube Channel. Look forward to hearing about your BIG-IP adventures.

The Chronicles:

Friday, June 1, 2018

DevCentral's Featured Member for June - Jie Gao

Our Featured Member series is a way for us to show appreciation and highlight active contributors in our community. Communities thrive on interaction and our Featured Series gives you some insight on some of our most active folks.

Jie Gao is a very active contributor on DevCentral since 2012 and has been on a roll recently answering questions about monitoring, URI redirects, SSL and many others. We're excited to name Jie as our Featured Member for June!

Let's learn a bit more about Jai.

DevCentral: please explain to the DC community a little about yourself, what you do and why it’s important.
Jie Gao: I am a system administrator in the University of Sydney and have been in the IT profession for over 20 years. I became an F5 administrator from "the other side" with a background in the open source, *nix system administration, system integration, Web application development, etc., some 7 years ago. I wanted to help bridge the great divide between networking and application through the use of F5. Upon reflection, I'm not sure I made much of a difference. :-(  Off work, I immerse myself listening to music on my Hi-Fi.
DC: You are very active contributor in the DevCentral community. What keeps you involved?
JG: Like many others here, I got on DevCentral initially to find a solution to a specific problem. I stayed on to learn more, to find out what more I can do and do better in my work. It is beneficial to know what issues other people are encountering, issues that might potentially affect my work later as well. If there is a software issue, then I could learn about it here early before it hits us, saving us from pulling our hairs out trying to figure out the puzzle. There are also solutions there that we could be asked to provide at work at the drop of a hat.
It feels good to be able to help people out. Sometimes it is even easier and more satisfying to help a total stranger than someone you already know. At the same time, it is also a good opportunity to learn how to answer a question properly - there are great minds and hands on DevCentral and I have learnt a great deal from them. I hope I have not provided too many incorrect/half-cooked answers! F5 staff tend to provide a complete, authoritative answer citing official documentation. Sometimes it might also be better to help people help themselves if they are not in a great hurry. Through answering questions, I have also learnt how to ask questions properly as well. 

All said, DevCentral is an invaluable site of knowledge, solutions, and advice (and silly questions - including mine), where F5 administrators and solution designers, or really anyone, can find a quick answer to an F5-related issue in hand, or a pointer to a resource for further exploration. Great resource.
DC: Tell us a little about the areas of BIG-IP expertise you have.
JG: The University has been using the BIG-IP LTM/APM/GTM/ASM modules for various application services for many years, and I have been with it all along. However, I prefer to regard myself a generalist, although I spent most of my time on F5 at work. I like programming and code in a few languages, and I did my first Ruby script while answering a question about iControlREST on DevCentral. :-)
DC: You are a Senior Network Designer at University of Sydney. Can you describe your typical workday and how you manage work/life balance?
JG: My typical workday starts with e-mail processing, browsing F5 Support's New Updates, and checking into DevCentral for a look, in that order. Home is wherever I am. All my hobbies/activities are suitably for a single soul. So I have got the balance holistically right. ;-)
DC: Describe one of your biggest BIG-IP challenges and how DevCentral helped in that situation.
JG: A few years ago I had a challenge, probably not the biggest but nonetheless an interesting one, to host a DNS split-view for a part of the organization as a matter of emergency. I found some useful code examples as well as relevant documentation on DevCentral and did it all in an iRule!
DC: Lastly, if you weren’t an IT admin – what would be your dream job? Or better, when you were a kid – what did you want to be when you grew up?
JG: The very first dream I recall I had as a toddler was to be a proud driver of a red-milky colored bus that thrummed through the center of Beijing. I have since had many other dreams, but I never did realize my first one.
Thanks Jie! Check out all of Jie's DevCentral contributions and follow The University of Sydney on Twitter.


If there is a DevCentral member you think should be featured, let us know in the comments section!

Tuesday, May 8, 2018

The DevCentral Chronicles Volume 1, Issue 5


Is it May already? Did you enjoy your ‘May the Fourth’ along with ‘Revenge of the Sixth’? For me, May is filled with a bunch of family holidays along with Mother’s Day, of course. May also falls perfectly for our 5th installment of the #DC Chronicles. If you missed our initial issues of the DC Chronicles, you can catch up with the links at the bottom. The Chronicles are intended to keep you updated on DevCentral happenings and highlight some of the cool content you may have missed since the last issue. Welcome!

We’re only 3 months away from #F5Agility18 in Boston, August 13-16! You can hang out with the DevCentral team and many MVPs will also be in attendance to share their expertise. Our team is prepping some sessions and look forward to socializing with the community. Get the details here and now's the time to register for F5 Agility 2018 and lock in your labs and sessions. Also, Early Birds get $300 off the registration fee Through May 18!

If you haven’t heard, BIG-IP Cloud Edition is will be available soon! BIG-IP Cloud Edition is built by tightly integrating BIG-IQ Centralized Management and BIG-IP Per-App VEs to deliver advanced application services and management. You can autoscale, offer self-service management for app owners, and per-app analytics. We got a couple cool pieces covering Cloud Edition: Chase’s Skies Never Looked So Good With BIG-IP Cloud Edition where he explains all the pieces of the pie and also check out Jason’s Lightboard Lessons: BIG-IP Cloud Edition Overview.

We also dropped a couple other #LightBoardLessons for your viewing pleasure covering some of our new Security solutions. John lights up the DDoS Hybrid Defender and introduces us to the new F5 Advanced WAF. DDoS Hybrid Defender offers comprehensive DDoS threat coverage in a simple, dedicated appliance with native, cloud-based scrubbing services and the awesome Advanced WAF protects against the latest attacks using behavioral analytics, proactive bot defense, and application-layer encryption of sensitive data. Couple of cool tools to help mitigate internet threats.

Mitigate threats you say? There will always be vulnerabilities in the wild and depending on the type of threat, we’ll typically have some mitigation techniques to share. Our SIRT (Security Incident Response Team) folks are always examining the murk out there and sharing insights. This past month is no different with mitigation techniques for Remote Code Execution with Spring Data Commons (CVE-2018-1273), Directory Traversal with Spring MVC on Windows (CVE-2018-1271) and the Drupal Core Remote Code Execution (CVE-2018-7602). In a few cases, BIG-IP ASM customers were already protected by the existing signatures!

As we wrap up this edition, we’d also like to point out @GrahamAlderson‘s new video series AppSec Made Easy with examples for Anti-Bot for Mobile APIs, Proactive Bot Defense, L7 Behavioral DoS and a couple more this week. And we’d be remiss if we didn’t call out Bank of America’s Jai Kumar as our Featured Member for May!

As always, You can stay engaged with @DevCentral by following us on Twitter, joining our LinkedIn Group or subscribing to our YouTube Channel. Look forward to hearing about your BIG-IP adventures.

ps

The Chronicles:

Tuesday, May 1, 2018

DevCentral's Featured Member for May - Jai Kumar


Our Featured Member series is a way for us to show appreciation and highlight active contributors in our community. Communities thrive on interaction and our Featured Series gives you some insight on some of our most active folks.

Jai Kumar is a very active contributor on DevCentral and has been for a number of years amassing 4 #DC badges. We're excited to name Jai as our Featured Member for May.
Let's learn a bit more about Jai.

DevCentral: please explain to the DC community a little about yourself, what you do and why it’s important.
Jai Kumar: From my childhood (Kid born in 90's lol), I always thought and was eager to know how Internet and the entire network stuffs worked. That’s how my passion came - “I want to be a network engineer” and here I am a Network Engineer (Still lot to learn). I am Jai Kumar, living in Chennai (India). My close ones call me Jai. Got Married last November and have a loving spouse. Enjoy watching thriller/crime seasons and a big fan of G.O.T, Breaking Bad, Prison Break, Dexter. The list goes on… Now it’s Mr.Robot. An ardent reader of THN and I’m a workaholic!!!
I enjoy working for Bank of America providing Engineering and design of traffic management for consumers. This includes global traffic management, application load balancing, traffic routing and advanced health check services.
As a team we play a major role in providing architecture and high level design guidance for BOA. As well as oversight of design and engineering services provided by our partners. Work with business to understand future trends and roadmap emerging requirements.
DC: You are very active contributor in the DevCentral community. What keeps you involved?
JK: I don’t recall when I joined DevCentral, but I’m sure it would have been for an iRule or to do something with device hardware RMA/upgrade challenges I faced in my start of career. DevCentral has molded me in tremendous ways. I have learned so many technical things which I haven’t faced in my working place. That’s what special about DevCentral is. You cannot expect to know everything, things may run differently. 
Sometimes you’d be able to reproduce the other people’s issue and fix it – You gain knowledge, sometime you don’t – So you learn when someone answers. One of my favorite quotes of Benjamin Franklin:“Tell me and I forget, teach me and I may remember, involve me and I learn.” 
DevCentral is a great forum where great minds come to help out others issue. The involvement of every engineer out there to help the fellow F5 mate is what makes special of DC community. And with whatever knowledge I have, I’d love to give back to the community too. 

DC: Tell us a little about the areas of BIG-IP expertise you have. 

JK: I could be the youngest DC member holding less than 5 years of overall IT experience. I specialize in BIG-IP LTM and GTM. I started from the basics as I was in the monitoring team in my 1st year. Happened to learn the metrics that were being monitored on F5 devices, how monitoring works, what action requires to be taken at such scenarios. Then moved to the next device level troubleshooting issues. Did 50 plus device replacements, HDD reseats, cable issues etc. Next comes the design of setups for applications. Over the last 3 years, have been engaging with application owners and creating LB environments. Had attended hands on virtual LAB trainings on BIG-IP ASM and AFM. Never got chance to learn deeper getting involved in real time practice, maybe in future, someday !!!
DC: You are a Senior Software Engineer/F5 Engineer at Bank of America. Can you describe your typical workday and how you manage work/life balance?
JK: At Bank of America, we live our values, deliver our purpose and drive responsible growth through our eight lines of business. 
Our values – “DART”Deliver together • Act responsibly • Realize the power of our people • Trust the team
My work life style is simple, Mon – Fri, I have a general shift and a rotational on-call. We have a bunch of great minds in the team. Like every org, we do too have ticketing tools, accept tickets and troubleshoot, build environment for the application team. Get assigned with Projects and also implement changes required from GIS standpoint. Attend technical/management meeting, join TFG/brain storming sessions.
I involve myself in helping our Ops team on system level issues, being a primary POC for device level issues within the team. In the background, I see opportunities to automate things wherever I feel I can. Got awarded multiple times for automating. 
In BOA, we are encouraged to give back to the society, so I do participate in Bank of America Community Volunteering. Enjoying a good work/life balance overall. Maybe blessed or being lucky.
DC: Describe one of your biggest BIG-IP challenges and how DevCentral helped in that situation.
JK: One of our F5’s Configuration utility failed to display SSL certificates, same happened when you try to list all certificates through CLI. This really ate lot of my time. Then I happened to learn from F5 articles and DC to enable mcpd to find the actual single cert which was causing this issue. It was containing special chars in the subject. Because of which we were unable to install any of the certs at all. After fixing the particular cert, things got back normal.
Later we involved the right teams to let them know to avoid these scenarios in future. But I’m yet to face stronger challenges, after all I’m just 5 years in Industry now.
DC: Lastly, if you weren’t an IT admin – what would be your dream job? Or better, when you were a kid – what did you want to be when you grew up?
JK: It was always to be a Network Security Engineer. Well during my final year in college, I got 2 job offers for a CORE company (Embedded Systems electronics) and a voice process company. But I had not much of a real interest. So I looked for openings outside and was interviewed by Vodafone Enterprise and got selected. That’s where my carrier started and I’m thankful for that.
Thanks Jai! Check out all of Jai's DevCentral contributions and connect with him on LinkedIn and follow Bank of America on Twitter.

If there is a DevCentral member you think should be featured, let us know in the comments section!

Wednesday, April 11, 2018

The DevCentral Chronicles Volume 1, Issue 4


If you missed our initial issues of the DC Chronicles, you can catch up with the links at the bottom. The Chronicles are intended to keep you updated on DevCentral happenings and highlight some of the cool content you may have missed since the last issue. Welcome!

Like last month, we’re digging the OWASP Top 10 #Lightboard series from @JohnWagnon. He wrapped it up this month with numbers 9 & 10 - Using Components With Known Vulnerabilities and Insufficient Logging and Monitoring. To give you a sense of how these have been received, YouTube viewer Sanket Kamath says, ‘Thank you for the excellent overview for all of the OWASP Top 10 2017! John made it really easy to understand each of the 10 attacks with his explanation!’ Check out the entire playlist!

Speaking of LightBoard Lessons, we had a few fantastic ones this past month. John took on lighting up the GitHub DDoS Attack and Explaining the Spectre and Meltdown Vulnerabilities while Jason gave us the OSI and TCP/IP Models and What Are Containers? I added SAML IdP and SP on One BIG-IP to round out our videos.

On the Security front, we had a bunch of great articles covering a mess, and I mean a mess of stuff. The mess was some new vulnerabilities and our Security Researchers had the mitigations for many including Spring Framework Spring-Messaging Remote Code Execution (CVE-2018-1270), Drupal Core SA-CORE-2018-002 Remote Code Execution Vulnerability and Jackson-Databind - A Story of Blacklisting Java Deserialization Gadgets.

We also learned how to Protect your AWS API Gateway with F5 BIG-IP WAF, how to configure F5 BIG-IP as an Explicit Forward Web Proxy Using Secure Web Gateway (SWG) and how to set up ADFS Proxy Replacement on F5 BIG-IP.

The Cloud folks will love Lori’s Three Types of Load Balancing You Meet in the Cloud, DNS Admins will dig Eric’s Unbreaking the Internet and Converting Protocols and Coders will enjoy Jason’s Debugging API calls with the python sdk and Satoshi’s iControl REST Fine-Grained Role Based Access Control.

And, we couldn’t let this Chronicle pass without mentioning an awesome @haveibeenpwned #Pwned Passwords Check #CodeShare from MVP Niels van Sluis. This snippet makes it possible to use @troyhunt ‘Pwned Passwords’ API to check if the password has been exposed. See it here: http://bit.ly/2GOhi1y
And wrapping up, a wonderful contributor Daniel Varela is DevCentral's Featured Member for April and F5 Agility is coming to Boston, MA this August!

As always, You can stay engaged with @DevCentral by following us on Twitter, joining our LinkedIn Group or subscribing to our YouTube Channel. Look forward to hearing about your BIG-IP adventures.

ps

Previous

Thursday, April 5, 2018

F5 Agility is coming to Boston, MA this August!

The DevCentral team will be at F5’s largest user conference to date! Will you?

Now's the time to register for F5 Agility 2018 in Boston, MA August 13-16. Early Bird registration knocks $300 off your registration fee!


What's F5 Agility all about?

Besides an opportunity to meet fellow community peers, solution partners, and F5 experts, we’ll have

Breakouts!
Breakout sessions at Agility focus on the latest technologies, applications, and architecture strategies. The technical breakout sessions at Agility range from beginner to advanced, enabling you to select classes that best meet your needs. Additionally, you can choose from sessions in multiple tracks or use the recommended learning paths to focus on specific areas that matter most to you. Last year we had 62 hours, this year we’re expanding to 150+ hours of technical breakouts, including dedicated Spanish-language sessions.

Sample learning paths:
  • Application Security
  • Application Delivery
  • Access Management
  • Service Provider
  • Programmability
  • Cloud Solutions
  • Automation and Orchestration
  • Super-NetOps
Labs!
We have expanded lab offerings to a total of 80 hands-on lab sessions. Our comprehensive 4- or 8-hour labs will address a wide variety of installation, troubleshooting, and networking technologies across a variety of environments. The instructor-led classes also provide an opportunity to gain valuable knowledge in preparation for F5 Certification exams.

New for 2018, Agility will have a room dedicated to self-paced labs that are shorter and/or more targeted. Attendees will have the opportunity to go through these labs at their own pace, with instructors available to assist with any questions. All self-paced labs will be available on a first-come, first-served basis.

Certifications!
Are you getting started? Already F5 Certified? We’ll have F5 Certification exams running throughout the week. Be sure to sign up in advance in order to guarantee your seat.

And you can Meet the Experts

If the structured programs still leave you wanting more, we will have experts available to answer questions at the DevCentral booth during the Solutions Expo hours, as well as two breakout rooms dedicated to walk-in help for iRules and all things Programmability. If you are not yet a member of DevCentral, you can sign up on-site.


Also at Agility 2018

Solutions Expo
The core of the conference, our Solutions Expo brings together the various aspects of the F5 ecosystem. Learn what works where with whom, and meet solutions experts from all avenues.

Geek Fest
Lab attendees get a chance to rub elbows with each other and presenters over food, drinks, and (sometimes unconventional) activities.

F5 Connects Women
Women leaders from both F5 and our partners join to discuss the perspectives women bring to tech, as well as the influence we can have when our potential is realized.

5K Fun Run
Grab your runners and discover Boston by foot on a beautiful, urban run through the city with fellow attendees. DevCentral’s own John Wagnon leads this one!

For more information on reserving your place, go to F5 Agility 2018


We look forward to seeing you in Boston!

Monday, April 2, 2018

DevCentral's Featured Member for April - Daniel Varela

Our Featured Member series is a way for us to show appreciation and highlight active contributors in our community. Communities thrive on interaction and our Featured Series gives you some insight on some of our most active folks.

Daniel Varela has been one of those engaged members and amassed 374 points in February alone! Answering bunches of questions about SAML, SSO, Cookies and more, we're proud to name Daniel as our Featured Member for April.

DevCentral: Hi Daniel and thanks for helping many of our members! Please explain to the DC community a little about yourself, what you do and why it’s important.
Daniel: I am an ADC/GSLB/WAF SME currently working for Centrica PLC. My job entails load balancing applications, availability and security. My work experience is mainly around network security. I chose to work in security because you never get bored of it, there is always something new to learn which is what I love. I have been actively working with F5 devices for the last 10 years. I still remember when I first heard about iRules, I was really impressed with the possibilities it provided. Additionally, with a BIG-IP you can learn about a lot of technologies: HTTP, TLS, DNS, SAML, OAuth, Web acceleration, Web Application Firewall… I am probably missing technologies here but you get the idea. This is one of the reasons I am working with F5, fun is guaranteed.
DC: You are a former F5 employee (2014-17) and continue to be a very active contributor in the DevCentral community. What keeps you involved?
DV: I have always thought (and I always say to my customers) that DevCentral makes a difference in respect to any other vendor. The amount of information someone can find there is incredible and if what you are looking for is not there you just have to ask, people from all around the world will help you to do whatever you want to do (event the craziest things), there is always an iRule for that 😊. For this reason I like to participate as much as I can, I have found a lot of help there and I feel like I have to return the favor (and it is also fun to see what people are trying to do with F5).
DC: Tell us a little about the areas of BIG-IP expertise you have and your F5 Certifications. Why are these important and how have they helped with your career?  
DV: My experience with F5 has been pretty much with all the modules: LTM, ASM, APM, GTM, AFM, Silverline and a bit of WebSafe. I was an F5 consultant for 3 years meaning it gave me a great opportunity to learn a lot about all those modules. This provided me with a lot of knowledge and helped me to get the F5 Certification F5-CSE Security. I would recommend to everyone to make an effort and get it, in my experience companies really value this accreditation.
DC: Describe one of your biggest BIG-IP challenges and how DevCentral helped in that situation.
DV: The biggest challenges for me have always been around BIG-IP APM. APM is probably the module which you can expand on the most, some things are not there by default but with the help of iRules you always find a way to get what you need. The last challenge was to expand SAML IDP capabilities by providing step-up authentication using authentication contexts available in the protocol itself. It may sound simple but just because how APM and SAML is designed it was tricky.
DC: Lastly, if you weren’t an IT admin – what would be your dream job? Or better, when you were a kid – what did you want to be when you grew up?
DV: Finally, I have always wanted to work in IT but if I wasn’t doing this I think I would be a fireman. I love sports and being active so I think it’s a job I could do.
Thanks Daniel! Check out all of Daniel's DevCentral contributions and connect with him on LinkedIn.

If there is a DevCentral member you think should be featured, let us know in the comments section!

Thursday, March 22, 2018

Post of the Week: SAML IdP and SP on One BIG-IP

In this Lightboard Post of the Week, I answer a question about being able to do SAML IdP and SP on a single BIG-IP VE. Thanks to DevCentral Members hpr and Daniel Varela for the question and answer. +25 DC points for ya!

Posted Question on DevCentral: https://devcentral.f5.com/questions/apm-ltm-121-saml-idp-and-sp-possible-in-one-ve-58114



If you got an answer you'd like lit up on the Lightboard, let us know in the comments!

ps

Tuesday, March 6, 2018

DevCentral's Featured Member for March - Hannes Rapp

Hannes Rapp is an Independent F5 Engineering Consultant focusing on BIG-IP ASM and LTM. According to Hannes, 'if you combine these two modules, you have the best of F5 product portfolio. One without another is incomplete BIG-IP.' He's also interested in Python, building tools to automate routine administrative tasks on BIG-IP and he sends special thanks to REST API developers and F5-sdk project team who make this task easier.

Hannes is a 2018 DevCentral MVP and our Featured Member for March!

DevCentral: First, please explain to the DC community a little about yourself, what you do and why it’s important.
Hannes: A crook from Eastern Europe, as I like to introduce myself. A guy from Estonia with a track record in online gambling industry. Given the background, potential customers are sure to raise an eyebrow. What if he spies for Russia and drinks vodka with his lunch instead of Cola? 
Before my departure from online gambling, I worked as Network and Security Specialist for Playtech. This was the most impactful role for my career progression. There were days we had lots of work to do, and there were days we had insane amounts of work to do. These ever-growing work queues created a situation where some "safe" changes could sneak past Change Management procedures. But what safe is is debatable. So occasionally, some production iRules were modified on the fly without any prior notice. Sometimes customers reported their issues were "magically resolved", and sometimes they reported new issues. I don't know who did those changes. Trust me, I always ask for permissions and not move an inch before the green light. 
Anyone just getting started in IT should seek a busy place. If you want to become good at what you do, it's best to be buried under actual work but not under formalities. If you work at a conservative bank where every minor step must be measured and documented, you will not gain much experience. Banks are good when you're a bit older. They ask you to use a fork and a knife when eating. They help uncivil barbarians evolve into humans by giving lessons in ITIL.
DC: You are a very active contributor in the DevCentral community. What keeps you involved?
HR: My participation here is a learning experience. Most of my F5 knowledge comes from here. In particular, I like how official resources blend together with solutions and ideas from users not employed by F5 Networks. A closed echo chamber with one source of information would not be as interesting. Presence of bug complaints and negative remarks about the product drive the credibility of DevCentral and F5 as a vendor. With the addition of light board lessons, learning has been made even easier. It's always worth coming back here.
DC: Tell us a little about the areas of BIG-IP expertise you have.
HR: Anything but BIG-IP APM, SWG, GCNAT and WebSafe/MobileSafe. No matter what needs to be done, there's probably someone else that already had me do the exact same thing. I'm interested in adding WebSafe/MobileSafe to my portfolio but haven't had the opportunity.
DC: You are an Independent F5 Engineering Consultant focusing on BIG-IP LTM & ASM. Can you describe your typical workday and how you manage work/life balance?
HR: Something that is never missing from my typical workday is an argument with somebody. There's a famous quote that applies: "Arguing with an engineer is a lot like wrestling a pig in the mud. After a couple of hours, you realize the pig likes it." 
When I'm not arguing, I create optimized WAF policies for online banking frontends and mobile apps. Most BIG-IP ASM configurations I have looked at are needlessly cumbersome and feature bulk not relevant for the application. Among other projects, I work on major BIG-IP upgrades. Large corporations with a lot at stake often want BIG-IP upgrades done so that all existing functionality is retained without alterations. Only, and only when the upgrade is deemed successful should any modifications or new features come in effect. Any forceful configuration changes that are applied must either be denied or made redundant with trickery. For example, the event where default values in base profiles are updated to defaults of a new version must be segregated into a separate change. Segregation into bits and pieces helps with damage control. If an incident occurs, all troubleshooting efforts can be focused on a smaller area of surface. 
My last two customers have given me the opportunity to enjoy a better work-life balance. They let me work remotely. Since my area of expertise is so narrow, isolated to F5 BIG-IP, finding projects can be a challenge. Not that long ago I had to travel to another country to be accepted for a project. As far as I'm concerned, work should be about work. If a project is delivered as expected, the place of work is of secondary importance. I appreciate there are corporations who are on the same page in that regard. It's already in the best interest of engineers and consultants to do their job because every new client asks for a recent recommendation.
DC: Describe one of your biggest BIG-IP challenges and how DevCentral helped in that situation.
HR: The challenge was about converting nearly a hundred BIG-IP ASM policies from Case-Sensitive matching to Case-Insensitive. There's no supported way of changing this once your choice is locked in. After some testing, I found that it's possible to accomplish this by working with raw XML files. There's plenty of room for error but after a few days of scripting and testing, I got a solution I was happy with. From DevCentral, I found information about iControl API and instructions for use. This later proved very helpful for mass policy export and import functions. This was the old SOAP iControl API. Now I'm using iControlREST and would like to give a special mention to F5-sdk project team who work on a fabulous tool that eases automation with Python.
DC: Lastly, if you weren’t an IT admin – what would be your dream job? Or better, when you were a kid – what did you want to be when you grew up?
HR: The only job that made sense to me as a kid was to be a basketball player in NBA! As we were walking around our neighborhood in a group of 3, someone always came up with a rhetorical statement: "We need 1 more to play 2v2". And someone always expanded the scope: "or maybe we can find 3 more so we can play 3v3". This was the end of 90s in Estonia. Basketball was immensely more popular than soccer aka football, a dumb ball game. Now it's the other way around.
Thanks Hannes! Check out all of Hannes' DevCentral contributions and connect with him on LinkedIn.
 

If there is a DevCentral member you think should be featured, let us know in the comments section!