How to Mitigate Vulnerabilities from SWEET32 in F5 Load Balancers The SWEET32 vulnerability is targeting long lived SSL sessions using Triple DES in CBC mode. The attack targets the cipher itself and thus there is and will be no hotfix for this. The only way to mitigate is to either disable the 3DES-CBC ciphers or set […]
Chris Spillane provides a quick guide to troubleshooting device clustering or config sync for version 11.x. Read more ….
This is a real life sample alert from indeni Description: The F5 bigd process is down and has not restarted. Among its responsibilities, bigd runs the monitors for nodes, pool members and services. For more information, read SOL6967. Manual Remediation Steps: Review the logs to identify why the bigd process is down. indeni will attempt […]
This is a real life sample alert from indeni for F5 Load Balancing Methods Description: Some of the F5 IPsec tunnels have multiple security associations negotiated for them. This may result in traffic issues. Affected Tunnels: Tunnel to 22.214.171.124 Manual Remediation Steps: Review SOL14646. How does this alert work? indeni uses the various “show /net […]
NOTE: The alert detailed below is given with a Check Point ClusterXL example, although F5 BIG-IP LTM is covered for this issue as well (see SOL7332). This is a real life sample alert from indeni Description: A fail over was identified at Device time: Jul 18 03:02 2014 UTC, indeni time: Jul 18 […]