Multiple Perspectives on Security

Security Journal

Subscribe to Security Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Security Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Latest Blogs from Security Journal
"I'm here to leverage my secret sauce, which is using outsourced development and the company that I utilize is delaPlex Software and they've basically allowed me to win Fortune 500 companies," noted Justin Witz, CTO of FRA and PlanTools, in this SYS-CON.tv interview at 20th Cloud Expo,...
In the hybrid IT era, complexity is the name of the game. In fact, according to the recent SolarWinds IT Trends Report 2017, IT professionals report the number one challenge of hybrid IT is increased infrastructure complexity. Accelerating complexity is just one challenge in how hybrid...
With the introduction of IoT and Smart Living in every aspect of our lives, one question has become relevant: What are the security implications? To answer this, first we have to look and explore the security models of the technologies that IoT is founded upon. In his session at @Thing...
Join us at Cloud Expo June 6-8 to find out how to securely connect your cloud app to any cloud or on-premises data source – without complex firewall changes. More users are demanding access to on-premises data from their cloud applications. It’s no longer a “nice-to-have” but an import...
What’s this week about? This is the final week of DevCentral’s Cloud Month so let’s close out strong. Throughout the month Suzanne, Hitesh, Greg, Marty and Lori have taken us on an interesting journey to share their unique cloud expertise. Last week we covered areas like high availabil...
What’s this week about? Ready for another week of Cloud Month on DevCentral? Suzanne, Hitesh, Greg, Marty and Lori are ready! Last week we looked at services, security, automation, migration, Ansible and other areas to focus on once you get your cloud running. We also had a cool Lightb...
Cloud is a lot more pervasive than one may have imagined and in this article, we will focus on the various ways in which cloud technology is making home security systems robust and impenetrable. The term ‘Internet of Things’ gets thrown around quite a lot when we talk about cloud techn...
What’s this week about? We hope you’re enjoying DevCentral’s Month thus far and Suzanne, Hitesh, Greg, Marty and Lori ready to go again this week. Last week we got you deployed in AWS and Kubernetes, learned the basics of Azure, got knee-deep in Cloud/Automated architectures and celebr...
Update servers while continuing to process application traffic. Recently we’ve been showing how to deploy BIG-IP (and F5 WAF) in various clouds like Azure and AWS. Today, we’ll take a look at how to update an AWS auto-scaled BIG-IP VE web application firewall (WAF) that was initi...
The first step in using a BIG-IQ to manage BIG-IP devices BIG-IQ enables administrators to centrally manage BIG-IP infrastructure across the IT landscape.  BIG-IQ discovers, tracks, manages, and monitors physical and virtual BIG-IP devices – in the cloud, on premise, or co-locate...
What’s this week about? You got a mini taste of DevCentral’s Cloud Month last week and week two we really dig in. This week we’re looking at Build and Deployment considerations for the Cloud.
As enterprise cloud becomes the norm, businesses and government programs must address compounded regulatory compliance related to data privacy and information protection. The most recent, Controlled Unclassified Information and the EU’s GDPR have board level implications and companies ...
Talk of IT disasters can spark equal amounts of fear of them happening to us, and gratitude that the big one hasn't happened to us yet. Network World offers some tips on what not to do when migrating to the cloud to avoid disasters-or, at the very least, grumbling users. They recommend...
Put yourself in the shoes of Captain Edward Smith of the RMS Titanic, seconds after the iceberg was reported to him and seconds (there were 37 of them, reportedly) before he reacted. In this critical timeframe – this brief space of time when the inevitability of disaster became clear –...
In the early days of F5, BIG/IP was our original load balancer. Today, BIG-IP is a family of products covering software and hardware designed around application availability, access control, and security solutions. In this Lightboard Lesson, I light up the various BIG-IP modules and wh...
Use F5’s Web Application Firewall (WAF) to protect web applications deployed in Microsoft Azure. Applications living in the Cloud still need protection. Data breaches, compromised credentials, system vulnerabilities, DDoS attacks and shared resources can all pose a threat to your cloud...
A Man in the Middle attack, or MITM, is a situation wherein a malicious entity can read/write data that is being transmitted between two or more systems (in most cases, between you and the website that you are surfing). MITMs are common in China, thanks to the “Great Cannon.” The “Gre...
Leonardo Souza lives in the United Kingdom, with his partner, 5-year-old daughter, and a (very) recently newborn son. He’s Brazilian and lived in Portugal for quite a while. He then moved to UK about 5 years ago ‘because of the amazing weather,’ he jokes. Leonardo started to work with ...
Last week we talked about how HA Groups work on BIG-IP and this week we’ll look at how to configure HA Groups on BIG-IP. To recap, an HA group is a configuration object you create and assign to a traffic group for devices in a device group. An HA group defines health criteria for a res...
High Availability of applications is critical to an organization’s survival. On BIG-IP, HA Groups is a feature that allows BIG-IP to fail over automatically based not on the health of the BIG-IP system itself but rather on the health of external resources within a traffic group. These ...
BIG-IP can manage application-specific network traffic in a variety of ways, depending on the protocols and services being used. On BIG-IP, Profiles are a set of tools that you can use to intelligently control the behavior of that traffic. In this Lightboard Lesson, I light up the BIG-...
Azure Resource Manager (ARM) templates allow you to repeatedly deploy applications with confidence. The resources are deployed in a consistent state and you can easily manage and visualize resources for your application. ARM templates take the guesswork out of creating repeatable appli...
Patrik Jonsson lives in Stockholm with his wife and son and works as a network engineer for a company providing online casino games across the world. Outside work, he likes to spend time with his family, play around with his home VMware lab and enjoys watching movies. He also loves tra...
The Consolidation of point devices and services in your datacenter or cloud can help with cost, complexity, efficiency, management, provisioning and troubleshooting your infrastructure and systems. In this Lightboard Lesson, I light up many of the services you can consolidate on BIG-IP...
As more organizations use APIs in their systems, they’ve become targets for the not-so-good-doers so API Security is something you need to take seriously. Most APIs today use the HTTP protocol so organizations should protect them as they would ordinary web properties. Starting in...
VeriStor Systems has announced that CRN has named VeriStor to its 2017 Managed Service Provider (MSP) 500 list in the Elite 150 category. This annual list recognizes North American solution providers with cutting-edge approaches to delivering managed services. Their offerings help comp...
The term ‘Proxy’ is a contraction that comes from the middle English word procuracy, a legal term meaning to act on behalf of another. In networking and web traffic, a proxy is a device or server that acts on behalf of other devices. It sits between two entities and performs a service....
Password fatigue is something we’ve all experienced at some point. Whether it’s due to breaches and the ever present, ‘update password’ warnings, the corporate policy of a 90-day rotation or simply registering for a website with yet another unique username and password. Social login or...
Ransomware attacks escalated dramatically in 2016. In fact, there was a 300 percent increase in ransomware attacks last year, according to the FBI, to an average of 4,000 attacks a day, up from 1,000 ransomware attacks a day in 2015. What’s more, organizations are targeted more frequen...
As software continues to pervade our lives, the security of that software continues to grow in importance. We need to keep private data private. We need to protect financial transactions and records. We need to protect online services from infiltration and attack. We can obtain this p...
Jinshu Peethambaran is a security architect currently working with Admiral Insurance. He started his career 9 years ago, managing network security operations and started working on F5 products about 5 years ago. He is also a 2017 DevCentral MVP and DevCentral’s Featured Member for Marc...
Powerful Denial of Service attacks are becoming increasingly common. A Distributed Denial of Service attack is when the attacker uses multiple machines to flood the resources of the target to overwhelm it and deny the legitimate users access to the service. The DDoS attack on Dyn in Oc...
Smart phones. Smart TVs. Smart toilet seats (yes that is a thing!). Let’s face it, smart technology surrounds us. It has become a de facto part of our everyday lives. The Internet of Things is growing at breakneck speeds. No matter which analyst you read, the growth predictions are sta...
We are mobile, our devices are mobile, the networks we connect to are mobile and the applications we access are mobile. Mobility, in all its iterations, is a huge enabler and concern for enterprises and it’ll only get worse as we start wearing our connected clothing to the office. If ...
How to share an APM session across multiple access profiles. A common question for someone new to BIG-IP Access Policy Manager (APM) is how do I configure BIG-IP APM so the user only logs in once. By default, BIG-IP APM requires authentication for each access profile. This can easily b...
I work from Boston 4 days a week and we're in the middle of a blizzard. (Note: I commute to Boston. I live 4 days a week at Unitrends' Boston/Burlington offices and 3 days a week at Unitrends' Columbia South Carolina offices. So it's fair to note that given my South Carolina roots t...
As more organizations deploy IoT applications in their data centers and clouds, they’re going to need their ADC to understand the unique protocols these devices use to communicate. In this Lightboard Lesson, I light up how IoT protocol MQTT (Message Queuing Telemetry Transport) w...
Specifically, in 2017 we predict that machine learning will show up in new and exciting ways. Some people believe that machine learning is the same as artificial intelligence, but what you are really looking at is this concept of being able to be more human with your IT infrastructure....
One of the unfortunate effects of the continued evolution of the load balancer into today’s application delivery controller (ADC) is that it is often too easy to forget the basic problem for which load balancers were originally created—producing highly available, scalable, and predicta...
In just the past ten or so years, consumer devices have swamped enterprises. Along with those devices have come apps and services and the expectation of ease and convenience from technology. The consumerization of IT is more than just the need to support and monitor personal devices on...