F5 and Carahsoft attended the F5 DoD Virtual User Group (VUG). Security vulnerabilities are on the rise. In 2022, over 23,000 new CVEs have been published, a more than 300% increase over 5 years, and the number of knowncritical vulnerabilities is so large that application security teams simply cannot patch quickly enough. In this lab, we covered how F5 iRules can often “fix” things that are missing or hard to solve in the existing application stack. Of course, custom code should never take the place of a good security product, but arguably there’s no single security device that can address every vulnerability; and malware and other exploits generally move faster than software updates and patches. F5 iRules give you the power and flexibility to fill those gaps, and these labs provide just a taste of some of that power. In the following, you’ll see a handful of ways to use iRules to defend and protect against malicious activity in your enterprise.

In this VUG, attendees learned how to utilize F5 Application Flow Control with iRules and get an intro to iRules LX. The following topics covered were:

• How to create an iRule that Parses the URI to Route Traffic
• Log and Change Headers
• HTTP to HTTPS Redirect
• Stream Profile
• HTTP Payload Manipulation
• iRules Summary / Events / HTTP(S)
• SSL::profile