With any application that requires authentication you will inevitably run into a password expiration and/or lockout issues that requires a user to reset their password. I have seen organizations address this with a wide range of solutions from home grown programs all the way to multi-million dollar identity management frameworks. While both solutions will help a […]
Recently I was helping a customer address a multi-factor authentication bug where the 3rd party MFA solution would post the username and temporary token back to APM via the wrong URL. While we worked with the partner to address this bug the customer needed a work around in the meantime… perfect time for an iRule! For […]
When you work with any technology there reaches a point where the “it’s a black box” approach is no longer valid and you have to dig in a little deeper and understand how the product works. With F5 BIG-IP this means understanding how traffic flows through the appliance and how to monitor and watch it. […]
Over on DevCentral Robert Haynes has posted a great article outlining the advantages of F5’s clustered multiprocessing (CMP) architecture versus traditional shared memory architecture. So why does this matter? Because attacks today are designed to stress the performance of security devices and bring them to their knees. If your architecture is designed correctly then it […]
As organizations start to utilize Software as a Service (SaaS) the concern on how to authenticate users becomes a critical security issue. Many organizations look to federated authentication mechanisms, such as SAML, to help address this security risk. The benefits of using SAML are that user credentials are not replicated across each vendor cloud instance […]
I posted a new series on DevCentral regarding ways F5’s Access Policy Manager can facility authenticating users from multiple domain sources. This post is part 1 of 4 and the series will cover some cool topics like home realm discovery and automatic domain detection.