Category ✅

For those interested in exploring the capabilities of the BIG-IP ASM, creating a hands-on lab environment can be a great way to dive deeper into its features. In this guide, we’ll outline the steps to set up a testing environment using a BIG-IP ASM and a PHP Auction site. By the end, you’ll have a working setup to test policy building, parameter management, and other ASM functionalities. What You’ll Need To set up this lab, you’ll need the following: A hypervisor, such as VMw

BIG-IP virtual server types in F5

Host and URL Rewrite, Content Matching and Redirecting Below are some example iRules used for redirecting and rewriting URL and Host Headers. Rewrites Rewrite Hostname in HTTP Request when HTTP_REQUEST {    if { [HTTP::host] equals " domain.com " } {        HTTP::header replace "Host" " newdomain.com "    }} Rewrite URL in HTTP Request when HTTP_REQUEST {    if { [HTTP::uri] starts_with "/sometext" } {        HTTP::uri "/newtext"     }} Rewrite Hostname in Response   when HTT

Configuring Event Logging in BIG-IP ASM In this article, we will explore the importance and configuration of event logging in BIG-IP ASM (Application Security Manager) . While event logging might not seem exciting, it plays a critical role in identifying and preventing cyber threats. System logs often capture signs of malicious activity, making proactive log review an essential part of security management. Logging Profiles Logging profiles in BIG-IP ASM define how and where t

Data Guard As we all know, we need to protect the personal and sensitive information of our users. So back in the day, some super-smart people developed an iRule that scrubs out credit card numbers from HTTP traffic that passes through the BIG-IP (the link to the iRule is here ). This is a great iRule, but the good news is that the BIG-IP ASM gives you all the power of this iRule (and more) by simply checking a box in the Data Guard settings. In fact, the ASM gives you the op

This article will discuss some really cool ASM features: IP address intelligence and whitelisting. It's hard to defend against all the crazy cyber threats out there today, so wouldn't it be nice to know if the IP address requesting access to your application is trusted or not? And, wouldn't it be convenient to tell certain IP addresses that you explicitly trust them? Well the ASM allows you to do all that! So turn on that ASM and get ready to configure some awesomeness... IP

concepts of XML and how the BIG-IP ASM provides security for XML XML Concepts XML Concepts The Extensible Markup Language (XML) provides...

What Is An Attack Signature? What Is An Attack Signature? Attack signatures are rules and patterns that identify attacks against your web application. When the ASM receives a client request (or a server response), the system compares the request/response to the attack signature associated with your security policy. If a matching pattern is detected, the ASM will trigger an "attack signature detected" violation and will either alarm or block based on the enforcement mode of yo

The Importance of File Types, Parameters, and URLs- This third article in the series will discuss the importance of File Types, Parameters, and URLs. It's no surprise that your web app will include various files, parameters, and URLs. It's also no surprise that these same files, parameters, and URLs can be vulnerable to various attack vectors like parameter tampering and forced browsing. In this article, I'll show you how to configure your ASM to mitigate these threats by all

What is GTM and Why is it Used in F5? We can discuss GTM (Global Traffic Manager) in the following points: 1. Overview of GTM GTM (Global Traffic Manager) : F5 GTM, often called Global Traffic Manager, distributes DNS and user application requests based on business policies, data center and cloud environments, user location, and application-based performance. 2. High-Performance DNS Services BIG-IP GTM  delivers F5’s high-performance DNS services with great visibility, inbuil

How to Build F5 ASM Lab To set up the F5 ASM (Application Security Manager) lab, you need the following files and tools: Required Files for the Lab Setup: VMware Workstation You can use either the free trial  or the licensed version  of VMware Workstation. Download VMware Workstation Pro here . BIG-IP Virtual Edition (with ASM module) Ensure that the BIG-IP Virtual Edition  has the ASM module  installed. Download the F5 image here . PHP Auction Site VMware Files Download the

How to configure Data Guard in F5 ASM We can use below step to configure Data Guard- Step 1-  Go into Application security >> Enable Data Guard Step 2- Buy Any item and add fake credit card then you can see into event logs - Step 3- Check logs under the events logs-

How many Attack Type in F5 ASM - We can discuss how many types of attacks in F5 ASM - Attack Type Explanation Buffer overflow                                                                          Buffer overflow exploits are attacks that alter the flow on an application by overwriting parts of memory. Directory indexing Automatic directory listing/indexing is a web server function that lists all of the files within a requested directory if the normal base file is not pres

There are Multiple Load balancing method available in F5- In two categaroy devide Load balancing - -->> Layer 4 -->>  Layer 7 -->> Layer 4  Layer 4 load balancers act upon data found in network and transport layer protocols (IP, TCP, FTP, UDP).  Layer 4 load balancers act upon data found in network and transport layer protocols (IP, TCP, FTP, UDP).  -->> Layer 7 Layer 7 load balancers distribute requests based upon data found in application layer protocols such as HTTP Layer

SSL Methods for LTM  There are 3 types of SSL Methods used in F5. SSL Offload, SSL Pass-Through Full SSL Proxy SSL Offloading  - In this method the client traffic to BIG-IP is sent as encrypted. Instead of the server decrypting and re-encrypting the traffic BIG-IP would handle that part. So the client traffic is decrypted by the BIG-IP and the decrypted traffic is sent to the server. The return communication from the server to client is encrypted by the BIG-IP and sent back t

How to Configure High-Availability in F5-- Before connecting the device to HA device, Make sure - -->>  All devices in the device group are running the same version of BIG-IP system software -->> Configure NTP and verify that both devices show same date and time. There are some steps below to configure HA. Step 1-  Create dedicated VLAN and Self IP for HA: Chosen interface 1.1 for HA function Chosen an unused subnet 192.168.1.1/24 for HA heartbeat to work. You now configure t