The last post

… before holiday!! This is the last post because I need to rest. I need to do something else. I need to read. I need to study. I need to be ready in September because there will be lots of things to do. The end of the year will be amazing. I’m sure! I’ll keep working with security appliances such as web application firewall, network firewall and VPN devices. I’ll keep working with DDI devices as well as I’ll keep working with load balancer appliances. Routers, switches and wireless devices will also be in my daily tasks. What's more, I will be the teacher of a mobile security training.

Cependant, je dois étudier cet été parce que je n’ai pas réussi mon examen de francais en juin. Je dois écrire plus souvent et je dois aussi parler en francais. Je parlerai peut-être seul en francais. Je parlerai devant mon ordinateur. Je m’enregistrerai et je m’écouterai. Vous savez que j’aime écrire mais cet été je n’écrirai pas sur la technologie mais j’écrirai sur l’économie, la famille et ce type de choses que les profs veulent lire. Donc, j’espère te dire après l’été que j’ai finalement reussi mon examen.

À bientôt.

F5 BIG-IP APM – SP Initiated for Office 365

I wrote about IdP Initiated for Office 365 last week. However, there are some people they don’t know yet what is the difference between IdP Initiated and SP Initiated. When we configure an IdP Initiated architecture, firstly users access to the IdP for authentication, secondly, SAML IdP validates credentials and collects data from directory. Finally, after selecting a SAML Resource, SAML IdP redirects user back to the SAML SP with a SAML assertion.

IdP initiated SAML

On the other hand, SP Initiated is a little bit different. Firstly, users access to the SAML SP. Secondly, SAML SP redirects users to SAML IdP where users authenticate. Thirdly, SAML IdP validates credentials and collects data from directory. Finally, SAML IdP redirects user back to SAML SP with SAML assertion. As you can see, the main difference is users access first to the SP instead of the IdP.

SP initiated SAML

We can watch in the next video how to configure SP Initiated for Office 365 with the guided configuration of F5 APM.

Thank you! See you soon!

F5 BIG-IP APM – IdP Initiated for Office 365

F5 BIG-IP APM is really useful for federation and Microsoft integration thanks to the AGC (Advanced Guided Configuration) for version 15 and SGC (Simplified Guided Configuration) for version 16. It is very easy to configure Application access with Azure AD or federation with Office 365. F5 APM federates user identity and enables single sign-on (SSO) to applications on-premises and in the cloud, including SaaS, because APM supports SAML, OAuth, Kerberos, header-based authentication and other SSO techniques.

I’ve been recording a new video today where you can watch how to configure F5 APM as Identity Provider for Office 365. The configuration is really easy. On one hand, there are some configuration needed on the Windows side such as Azure AD Connect installation on Active Directory for user sincronization, as well as, AzureAD and MSOnline for Windows Federation. On the other hand, we can use the Guided Configuration on F5 APM for configuring easily F5 as Identity Provider for Office 365.

Have a nice day! Would you like to configure federation on Office 365?

F5 ASM - Sending security logs to BIG-IQ

I'm working deeply with BIG-IQ devices since the end of the last year. These devices are really useful when you have to manage lots of BIG-IP devices because you can search objects easily as well as you can deploy configurations from a central management device. However, BIG-IQ is also increasingly used for monitoring applications and saving events logs because the built-in dashboards are really powerful for applications visibility. For instance, we can know application latencies or bot traffic from a single dashboard.

Bot Traffic Dashboard

I’ve been recording a new video where you can watch how to add a BIG-IP device to the BIG-IQ and how to configure a security log profile to send events to the BIG-IQ. Actually, the BIG-IQ DCD has a listening service in the 8514 port then we have to configure a log profile in the BIG-IP device to send events to the 8514 port. Once it is configured, there will be security events in the BIG-IQ Central Management (CM) device, thus, we can already watch these logs for troubleshooting and applications visibility from BIG-IQ CM.

Have a nice day! Do you like the BIG-IQ?