F5 Networks highlights the most useful and compelling security-focused iRules that help organisations enhance attack protection and provide secure access to IT resources. To coincide with the close of National Cyber Security Awareness Month, the iRules listed in this announcement have been compiled from the many F5, customer and partner-contributed solutions on DevCentral, F5’s collaborative online community that helps address the industry’s most pressing application delivery challenges.
“Today’s security threats move fast and can be difficult to predict,” said Zeus Kerravala, Principal Analyst at ZK Research. “With iRules, customers can quickly react to changing conditions and deploy solutions that protect against attacks aimed at applications – currently among the most attractive targets. F5’s ability to swiftly address security issues that are unforeseen or unique to a customer’s environment is a key factor in its success. DevCentral and iRules continue to be significant differentiators for F5, giving customers a valuable ecosystem where they can contribute solutions and leverage the combined expertise of their peers.”
iRules is a customisable feature of F5 BIG-IP solutions, designed to add intelligence to networks and give customers enhanced control over how their traffic is managed, optimised and secured. F5’s DevCentral site features iRules, technical documentation, discussion forums, blogs, media, wikis and other resources supported by a community of more than 110 000 IT, network and application professionals.
The iRules featured in this announcement represent collaborative efforts between F5 customers, employees and other community members.
Enhance protection from targeted attacks* HashDoS Defender – This iRule guards against hash collision “HashDoS” attacks through HTTP POST parameters. By enabling F5’s BIG-IP solutions to limit the post size and post variables, the attack is stopped before it reaches the backend servers, preventing servers from getting overwhelmed and thereby protecting the application.
Control access to valuable IT resources
* Controlling Bots – If left unchecked, bots can generate a critical mass of requests and support a number of attack types that target an organisation’s Web site. This iRule can be used to assign bots to a specific pool, throttle bot requests, introduce an artificial delay for bot requests, or simply block them completely.
* HTTP Request Throttling – By design, Web servers have limited CPU and memory resources. Servicing all requests on a first-come, first-served basis can open the door for attackers seeking to occupy all available system resources with specially crafted requests. By detecting the nature of specific requests, this iRule enables an IT administrator to slow the processing of particular request types and identify malicious actors.
* Client Blocking Using IP Intelligence – With this iRule, BIG-IP solutions can automatically connect to an IP reputation database to regularly update a reference list of bad IP addresses, helping keep the latest known offenders at bay.
Safeguard sensitive information
* Credit Card Tokenisation – Many organisations employ a tokenisation process to protect confidential information such as credit card details. This iRule is used on a BIG-IP device that sits in front of a secure Web application server and uses sideband connections to a second virtual server that processes requests to and from the tokenisation service.
* Data Loss Prevention – This iRule helps organisations limit the chance of data leakage by configuring a ‘Regular Expression’ matching technique that can recognise and remove certain types of information (credit card numbers, etc) from server responses.
Improve DNS security
* DNS Blackholing – These iRules can be used to (1) protect outgoing Web browsers from harmful sites, (2) protect network resources from certain DNS users or subnets, and (3) protect DNS infrastructures from certain source addresses. These capabilities can be used to prevent internal users from accessing harmful sites, direct users requesting certain hostnames to alternate servers for access control, and implement other provisions to enhance DNS security.
“F5’s iRules technology gives customers the flexibility to tailor how IT resources are accessed and secured, meaning that organisations can customise systems to best support their business needs,” says Mark Vondemkamp, VP of Security Product Management and Marketing at F5. “DevCentral is all about group-driven innovation. By combining the pooled expertise of customers with the intelligence and flexibility F5 products bring to the network, we provide a uniquely powerful offering that competitors simply can’t match.”
F5 Networks, the global leader in application delivery networking (ADN), helps the world’s largest enterprises and service providers realise the full value of virtualisation, cloud computing and on-demand IT. F5 solutions help integrate disparate technologies to provide greater control of the infrastructure, improve application delivery and data management, and give users seamless, secure and accelerated access to applications from their corporate desktops and smart devices. An open architectural framework enables F5 customers to apply business policies at “strategic points of control” across the IT infrastructure and into the public cloud. F5 products give customers the agility they need to align IT with changing business conditions, deploy scalable solutions on demand, and manage mobile access to data and services. Enterprises, service and cloud providers, and leading online companies worldwide rely on F5 to optimise their IT investments and drive business forward. For more information, go to www.f5.com. You can also follow @f5networks on Twitter or visit the company on Facebook for more information about F5, its partners and technology.
Watt Communications & G Watt Design
Our comments policy does not allow anonymous postings. Read the policy here