Speaker: Damian Curry
Building healthy modern applications starts with having the right ingredients. In this breakout session, we’ll explore examples of modern application architectures, identify the different components commonly used, and discuss why they are critical for your organization’s success.
Speakers: Phil Klatte, Rich Lopez
5G is coming! 5G core networks are intended to be cloud-native and deployed as microservices on a containerized Kubernetes infrastructure. Kubernetes is not designed for service providers that need to solve specific problems like how to manage 4G protocols on their 5G network. In this session, we’ll teach you how to tackle and solve these issues and how to ensure granular visibility into 5G network traffic.
Speaker: Liam Crilly
At the heart of modern application architectures is the HTTP API. APIs enable applications to be built rapidly, maintained easily, and scaled at will. API gateways are typically deployed as an additional layer in the application delivery environment, bringing additional complexity and points of failure. In this session, you’ll learn how to deploy NGINX—the most pervasive load balancer, reverse proxy, and web server—as an API gateway.
Speaker to be announced
Influence F5's artificial intelligence direction by sharing your challenges around digital transformation and learn about our plans to improve your customers' experience.
Speaker: Marco Rodrigues
In this breakout session, we’ll share best practices and customer examples of how to provide cloud-native networking and security for modern applications with distributed clusters to accelerate Day 0 time-to-service and simplify Day 1+ operations.
Speaker: Rick Sherman, Datadog
Applications continue to shift from monoliths to fully distributed architectures—spanning multiple servers, containers, and clouds. In this session, we’ll show you how Datadog observability combines logs and metrics from BIG-IP LTM and NGINX with application and network performance monitoring to provide the end-to-end visibility required to understand the flow of data between these disparate entities.
Speaker: Rick Salsa
F5 is excited to announce the launch of F5 Cloud DNS – Primary DNS Service. DNS specialists, network engineers, and DevOps teams now have the ability to easily and fully manage their DNS infrastructure optimized for today’s modern, cloud-native apps in just a few clicks. This service empowers you to deliver applications across hybrid and multi-cloud environments, scale instantly, and improve productivity with automation and DevOps integration.
Speaker: Karthik Krishnaswamy
With APIs serving as the connective tissue across all applications, API management capabilities are critical to achieving successful outcomes. In addition, the rise of the DevOps movement has fostered a culture of self-service, supported by distributed infrastructure. What are the characteristics of distributed API management? How do you drive innovation by accelerating API release velocity? Attend this session to find out.
Speakers: Melissa Housley, Owen Garrett
This session will review a joint reference architecture developed by F5 and Red Hat OpenShift that allows for rapid deployment, full automation, and security. We will cover customer scenarios such as blue-green, Canary, and multi-site deployment and discuss their impact in helping to scale Kubernetes-based deployments like Red Hat OpenShift.
Speakers: Jenn Gile, Owen Garrett
To make Kubernetes production grade, you need to add three components. In this session, we’ll focus on the first component: the Ingress controller. An Ingress controller is a specialized load balancer that abstracts away the complexity of Kubernetes networking and bridges between services in a Kubernetes cluster and those outside it.
We’ll look at:
Speakers: Jenn Gile, Owen Garrett
To make Kubernetes production grade, you need to add three components. In this session, we’ll focus on the second component: built-in security. While “coarse-grained” security might be sufficient outside the cluster, “fine-grained” security is required inside it.
We’ll explore the ways you can enable production-grade security within Kubernetes, including:
Speakers: Jenn Gile, Alan Murphy, Phil Jong
To make Kubernetes production grade, you need to add three components. In this session, we’ll focus on the third component: the service mesh. A service mesh provides fine-grained traffic management and security to application services within the cluster.
We’ll demystify the complexity of Kubernetes networking and discuss where F5 can help when you’re ready to take the mesh leap, including:
Speaker: Rajiv Kapoor
Gone are the days when security could simply be bolted on at the end of a process. In today’s world, integrated security must become a normal part of any DevOps implementation. In this session, we’ll explore how making security frictionless and adaptable enables development teams to power ahead without fear. Instead of a painful extra step that must be dealt with, modern application security can be a robust support system that empowers organizations to reach their business goals and guides them to even higher heights.
Speaker: Pat Campbell
Join F5, Cisco, and one of our joint customers, as we discuss how this customer achieved the automation, flexibility, and application-centric architecture they were after through our joint solutions.
Speakers: Damian Curry, Matt Quill
Explore how our customers are implementing F5 portfolio solutions across their container infrastructure. We’ll review customer use cases, learn why they are adopting specific architecture models, and explore some common problems they face. This session will include a Q&A portion to answer platform questions from the audience.
Speakers: Dylen Turnbull, Snehal Contractor, Stellar Cyber
You are inundated with thousands of data points every day. Learn from the experts in this panel discussion about future observability trends, challenges, and opportunities to help make sense of your data.
Speaker: Damian Curry
Ecosystem complexity across proprietary and open source solutions is accelerating. How do you identify the best approach for your modern application architecture? In this technical conversation, we’ll discuss best practices for building and running modern applications with alliance partners.
Speaker: Damian Curry
You may be asking yourself, “What exactly is a modern app and how does it benefit my organization?” Join this lightning session to learn the key outcomes delivered by healthy modern application infrastructure, and where to focus your energy for successful builds.
Speakers: Dylen Turnbull, Allen Cheon
Are you or your team currently looking for your next generation architecture? Or perhaps you’re already there but are looking for the best way to automate and manage it. Today, the deployment and management of Kubernetes is considered one of the biggest hurdles for organizations looking to modernize their infrastructure. Now with Rancher's Kubernetes management platform plus NGINX’s Ingress solution, organizations can simplify Kubernetes deployment and management at scale. Join this session to see how you can deploy Rancher and NGINX Plus Ingress in two minutes flat.
Speaker: Amir Rawdat
There are two popular open source Kubernetes Ingress controllers that use NGINX and a commercial version based on NGINX Plus that is developed and supported by NGINX. These projects all started around the same time, have similar names on GitHub, and implement the same function. Join this lightning talk to learn how they differ and how to choose an Ingress controller that's best for your needs.
Are you or your team currently looking for your next generation architecture? Or perhaps you’re already there but are looking for the best way to automate and manage it. Today, the deployment and management of Kubernetes is considered one of the biggest hurdles for organizations looking to modernize their infrastructure. Now with Rancher's Kubernetes management platform plus NGINX’s Ingress solution, organizations can simplify Kubernetes deployment and management at scale. Join this session to see how you can deploy Rancher and NGINX Plus Ingress in two minutes flat.
Experience how easy it is to set up and manage SRE blue-green deployment via hands-on guided simulation, by using F5 DNS Load Balancer Cloud Service to minimize downtime for application upgrades and migration across OpenShift clusters in multiple clouds.
Description to follow
Explore F5 Declarative Onboarding (DO) by using a declarative model to initially configure a BIG-IP device with all of the required settings to get up and ready, including system settings such as licensing and provisioning, network settings such as DNS, NTP, VLANs, Self IPs, clustering settings, and more.
During this hands-on lab, you’ll learn:
Explore Telemetry Streaming (TS) by declaratively aggregating, normalizing, and forwarding statistics and events from a BIG-IP device to a consumer application by POSTing a single TS JSON declaration to TS’ declarative REST API endpoint.
During this hands-on lab, you’ll learn how to:
In this lab, you’ll learn how to deploy applications with BIG-IQ using Application Service 3 (AS3) templates. You’ll use the BIG-IQ GUI and the BIG-IQ API.
The lab is intended to effectively demonstrate Ansible's capabilities using self-paced exercises. In this F5 and Ansible lab, you’ll learn advanced techniques around Ansible Playbook development as it relates to automating F5 load balancers. This hands-on workshop details utilizing the F5 BIG-IP Ansible modules with Ansible Playbooks, and with Ansible Tower for automation uses cases such as certificate management, WAF policy deployment, and pool/node management.
The lab is intended to effectively demonstrate Ansible's capabilities using self-paced exercises. In this F5 and Ansible lab, you’ll learn the basics around Ansible Playbook development as it relates to automating F5 load balancers. This hands-on workshop details utilizing the F5 BIG-IP Ansible modules with Ansible Playbooks, and then later integrating them with Ansible Tower.
This lab will demonstrate the capabilities of using NGINX+ as part of your CI/CD pipeline. Using NGINX+ enables you to accelerate code release cycles, meaning more regular app updates for users.
In this lab, we’ll introduce core NGINX+ capabilities, operations, and basic hands-on configuration concepts as well as where to use BIG-IP vs NGINX+ and how they complement each other.
In this introductory-level lab, you will learn the basic concepts required to interact with the BIG-IP iControl REST API. Additionally, we’ll walk you through a typical Device Onboarding workflow to deploy a fully functional BIG-IP Active/Standby pair. It’s important to note that this module will focus on demonstrating an Imperative approach to automation.
Join this lab to get an introduction to NGINX Instance Manager, the fastest and easiest way to manage your NGINX instances (OSS or Plus).
Topics covered:
Prerequisites:
You've seen a NGINX conf file before and got NGINX running.
F5 makes apps go, and nothing makes apps go faster than DevOps using containers. In this lab, you will learn how to deploy a Kubernetes and OpenShift hosted application/container on BIG-IP using F5 Container Ingress Service (CIS).
Prerequisites:
Laptop with RDP and SSH client.
Event-driven service discovery can enable self-service management of your BIG-IP pool members. Learn how this feature of Application Service Extension 3 (AS3) can be used with Consul Terraform Sync (CTS) to dynamically push updates to your BIG-IP pool members.
During the lab you will deploy BIG-IP using Terraform in AWS and use CTS to dynamically update the BIG-IP pools.
Prerequisites:
Experience with AS3 is recommended, but not required
NGINX Controller brings the power of scale and business alignment to your fleet of NGINX instances. In this lab, you’ll learn to configure your NGINX Controller as a resilient service and with Active Directory authentication. You’ll find out how to get started with your first application and component configuration, add application security protection, and monitor your services with NGINX Controller. You’ll also have additional opportunities to explore example configurations and best practices.
NGINX is already a very powerful all‑in‑one load balancer, web server, content cache and API gateway, but did you know that you can make NGINX even more powerful by plugging in your own code? In this lab, we’ll demonstrate how easy it is to extend NGINX using JavaScript. No prior NGINX or JavaScript experience is required.
Take advantage of BIG-IQ Centralized Management and AS3 for deploying F5 security solutions.
Speaker: Kevin Delgadillo
Modern apps require modern deployment models that simplify and accelerate repeatable rollouts while minimizing errors. Join this breakout session to learn how F5's modern declarative APIs can enable app services deployment automation while abstracting configuration complexity away.
Speaker: Ulises Alonso Camaro
The session will show different deployment options for BIG-IP in VMware NSX-T, explaining the pros and cons of each one. We’ll also describe NSX-T's inner workings which are important when choosing the best option for a given use case.
Speaker: Liam Crilly
You wait decades for a new HTTP version and then two come along at once! Following just six years after HTTP/2 was introduced, HTTP/3 is here and with it, QUIC, a brand-new transport protocol. In this session, we discuss why HTTP/2's reign was short lived and why we will be living with all three HTTP versions for the foreseeable future.
Speakers: Mariana Agache, Ian Harris, Rich Lopez
Service providers can solve key application challenges in their digital transformation by offering managed services that enable an enterprise to easily deploy and secure applications in any location (i.e., on premises, at the edge, in a private data center, or in a public cloud). In this way, you can focus on developing key apps for your business rather than worrying about how to deliver and secure those applications. In this session, we’ll show you managed app services that a service provider can offer using F5 technology, successful use cases, and the support that F5 provides service providers to ensure their success in generating revenue from these managed application services.
Speakers: Ronnie Dockery, Roman Jouhannet
Apps are how the modern enterprise materializes the consumer expectation of positive digital experiences. However, ensuring those apps can deliver on that promise by performing well, running securely, and remaining available is extremely difficult—especially with large portfolios of apps and services. Join this session to learn about the benefits of adopting a centralized, app-centric approach for managing, gaining visibility into, and automating your BIG-IP deployments.
Speakers: Nicolas Menant, Owen Garrett
It’s time to bridge the divide between your DevOps and infrastructure teams. In this breakout session, we’ll introduce a single step to deployment for a traditionally siloed, 2-step process across teams. You’ll walk away knowing how to reduce time to market, with the bonus of value-added services layered on top.
Speakers: Greg Coward, David Garrison
Join this session to learn about F5’s cloud-agnostic solution for centralized application delivery monitoring and management. This solution leverages analytics and automation tools such as Splunk, ELK, and Terraform to monitor ADC performance and autoscale infrastructure and configurations automatically.
Speakers: Marco Rodrigues, Pranav Dharwadkar
Workloads are increasingly being deployed across different clouds and providers, which can increase the complexity of the network and the sprawl of tools and services. In this session, you’ll learn how to consolidate networking services and increase agility while migrating workloads into a multi-cloud environment.
Speakers: Zach Westall, Ken Boccino
Self-service capabilities, automation, and consistency are the hallmarks of modern application development and delivery. Join this breakout session to learn how NGINX Controller can help you streamline your modern application delivery across teams.
Speakers: Geng Lin, Lori MacVittie
Ask F5 CTO, Geng Lin, your most burning tech questions in this Q&A discussion moderated by F5 Technical Evangelist, Lori Mac Vittie.
Speakers: Sumit Agarwal, Mengmeng Chen, Yuxi Yao
Every day, your B2C website receives numerous visits from returning good customers. But do you have measures in place to handle them differently than everyone else? Manual login, forgetting password, etc. are all various forms of friction that impedes customer engagements. By removing such friction intelligently, B2C commerce websites can lift 1–2% of top line revenue, allowing security teams to contribute to business outcomes.
Speakers: Jesica Church, Hugh Gilmore
The tech we use and deploy daily is riddled with terminology that is exclusionary and biased. For years, our industry has been making strides towards greater inclusivity, but it will take all of us to create broader momentum and be part of the change. Join a moderated panel to discuss the efforts and issues of driving systematic transformation in partnership with members from the Inclusive Naming Initiative, a global community of professionals from leading organizations whose mission is to help companies and projects remove harmful and unclear language and replace it with an agreed-upon set of neutral terms.
An iRule is a powerful and flexible feature within the BIG-IP Local Traffic Manager (LTM) system that you can use to manage your network traffic. The iRules feature not only allows you to select pools based on header data, but also allows you to direct traffic by searching on any type of content data that you define. In this lab, you’ll learn how to utilize HTTP iRules to direct, secure, and enhance your HTTP(s) traffic. You’ll also get some hands-on time to gain experience writing and troubleshooting iRules.
You may find it difficult at times to troubleshoot application traffic coming through BIG-IP. In this lab, you’ll learn how to utilize tcpdump and the F5 Wireshark plugin to gain perspective on how traffic is flowing through BIG-IP and seeing where a performance issue might be found.
Gain hands-on experience on how to manage BIG-IP in your ACI + BIG-IP deployment by leveraging the F5 Automation Toolchain and ACI’s programmable App Center framework.
Learn how this simple and native integration aims to solve important real world use cases:
Join this lab to find out how to leverage APIs to achieve end-to-end network automation workflows and learn how different personas within your organization can benefit from these features and functionalities.
In this hands-on lab we’ll show you how to take the complexity out of safeguarding your apps with F5 Essential App Protect Service—a feature-rich, checkbox-simple SaaS security solution. You’ll learn how to spin up protection against common web exploits, malicious IPs, and coordinated attacks within minutes, all without requiring extensive security expertise. You’ll experience how developers can protect their apps or tune WAF configuration features through the rich declarative API or an intuitive user interface.
We’ll cover how to:
In this self-guided lab, you’ll work in a dedicated AWS environment to build an HA pair of F5 Advanced WAFs from an AWS CloudFormation template. Learn how to quickly create virtual servers with a single RESTful API call via the declarative F5 Application Services 3 iControl LX extension.
F5 and Microsoft Azure Government: Meeting SCCA Requirements. In this lab, we’ll discuss the challenges of the Department of Defense’s (DoD) cloud adoption and examine exciting solutions to meeting complex requirements of a secure cloud architecture.
During this hands-on lab, we’ll cover:
In this lab, you’ll deploy a 3-NIC Google API-based failover-based template and then building upon that with an overview of the F5 failover extension.
Learn about the new F5 SaaS-based DNS offerings including DNS secondary configuration and DNS load balancing utilizing F5 Cloud Services.
Speaker: Anish Johnson, Saurabh Bajaj
With the proliferation of apps that have adopted anti-bot technologies such as Shape Enterprise Defense, attackers are finding it difficult to identify soft targets. Instead of expending resources in an attempt to circumvent anti-automation technologies, fraudsters are pivoting and attacking unprotected email servers that become the steppingstone to the ultimate goal: your customer accounts. This, in turn, has resulted in a change in the credential marketplace landscape. Shape Security has been protecting our customers from automated attacks for years and has observed that fraudsters are left with no option but to revert to manual (i.e., human-driven) fraud methods. For this reason, we’ve developed machine learning models that specifically protect banks, credit unions, and other financial institutions.
Speakers: Manish Desai, Anitha Mareedu, Jay Kelley
Most organizations are moving toward a Zero Trust security architecture to protect their applications wherever they reside. In order to even begin thinking about deploying a Zero Trust environment, you’ll need to bridge the chasm between modern and classic identity management and authentication. F5 and Microsoft have accomplished that, through the integration of BIG-IP APM and Azure Active Directory. In this session, we’ll dive deeper into how Zero Trust by enabling trusted identity, app access security, and risk management to be applied to every access request on a continuous basis. We’re taking the Zero Trust axiom of “Never trust, always verify” to a new level, adding “Continuously monitor” to the mix.
Speaker: Wesley Hales
Device and user identifiers are the common thread that span the entire technology stack. Organizations use them to drive fraud prevention and critical business analytics. Device ID+ is a real-time, high-precision device identifier that utilizes advanced signal collection and machine learning algorithms to assign a unique identifier to each device visiting your site. In this session, we’ll give you a rundown on how Device ID+ works, why it’s important, and how to use it within your application.
Speaker: Lori Mac Vittie
Technologies that deliver and secure applications are the status quo. Without them, applications don't scale, don't perform, and ultimately impact the customer experience. As businesses become digital, the technologies that enable experiences must evolve to deliver the data and actionable insights necessary to optimize and secure applications. This session will explore the current state of application delivery and security technologies and how data unlocks future business and digital capabilities.
Speaker: Saurabh Bajaj, Dan Woods, Brian Uffelman
Bots and unwanted automation drive billions of dollars in fraud losses for organizations around the globe every year. In this session, you’ll learn how F5 and Shape protect against the evolving threats from bots and cybercriminals that drive application fraud and abuse. Shape’s antibot platform uniquely defends against bots and unwanted automation for your customers. Learn how to find and qualify antibot opportunities and protect your customer’s applications from attack.
Speakers: Sumit Agarwal, Corey Marshall, Smriti Jaggi
Join this breakout to learn more about Device ID+, a real-time, high-precision device identifier that utilizes advanced signal collection and proven machine learning algorithms to assign a unique identifier to each device visiting your site.
Speaker: Pranav Dharwadkar, Jakub Pavlik
Containerization and serverless computing have had a significant impact on how apps are architected, networked, and secured. In this session, we’ll provide real world examples of app and API security attacks. We’ll also cover the four key security tenets—discover, analyze, secure, and anywhere—that users should look for in an app or API focused security solution.
Speaker: John Cianfarani
The term "dark web" is used so frequently but what is it and what does it really mean? This session aims to help you understand what you can find on the dark web, interesting stats and trends, how to safely access it, and how to protect your web and mobile applications.
Speakers: Ray Pompon, Sander Vinberg
Join this session to hear the latest insights from the F5 Labs Application Protection Research Series. We'll share insights from the past four years of data analysis on breach data, global honeypot nets, vulnerability analysis, and customer incident reports, including details on how the pandemic changed cybersecurity and what new threats emerged.
Speaker: Saurabh Bajaj
Over the course of the last decade, the nature of cybersecurity has changed, evolving past the idea of cybersecurity being a system of logical controls to prevent attackers from infiltrating systems, to becoming a data analytics problem based on behavioral analysis of attack patterns to detect them when they do. As such, fraud and abuse have become the primary focus areas for organizations’ defensive efforts, and the use of artificial intelligence—particularly machine learning—has become one of the principal tools. This talk will review how cybersecurity challenges have changed, examine the emergence of credential stuffing as the #1 cybersecurity problem in the world—with real data from major corporations—and demonstrate next generation uses of machine learning in defending organizations and millions of users around the world.
Speakers: Jay Kelley, Manish Desai, Don Laursen
According to the 2020 Phishing & Fraud Report from F5 Labs, the majority of phishing links—over 71%—use valid HTTPS certificates to appear credible so that they can fool you into clicking on a malicious link. Join this session to learn how F5 SSL Orchestrator can stop the bait used in encrypted phishing and spear phishing campaigns and how it can also secure non-standard ports from being a source of data loss.
Speakers: Jay Kelley, Manish Desai, Don Laursen
Today, bad actors are using the same security tools you use against you. They’re able to do this through product specific gaps in modern cipher support, performance limitations, and crypto complexity, bypassing the security you’ve deployed. In this session, you’ll learn how to simplify the traffic decryption challenge and secure against data exfiltration and C2 communications with effective decryption of outbound network traffic. See how your organization can support both legacy and modern ciphers while protecting against cipher mismatches and unintentional bypass, plus enable intelligent decryption bypass for privacy regulation adherence. And finally, we’ll help you understand how to encrypt the entire “hello” process and import visibility solutions.
Speakers: Frank Strobel, Matt Westover – Stellar Cyber
With F5 and Stellar Cyber, enterprises gain 360-degree visibility across their IT operations and can more easily remediate any security vulnerabilities that do arise. Stellar Cyber provides a leading open security operations platform providing high-speed, high-fidelity threat detection across the entire attack surface, and F5 is the industry leader in protecting apps. By consolidating visibility and analytics across F5’s WAF products through Stellar Cyber, this joint solution delivers best-of-breed protection, 360-degree visibility, high-fidelity detection, and fast remediation—all easily accessed through a single, intuitive user interface.
Speakers: Jay Kelley, Manish Desai
As many employees and other personnel continue to work remotely, organizations—including government agencies and ministries—have begun to evolve their thinking on Zero Trust security architectures. Organizations are becoming more comfortable with the idea of working remotely and are seeking to lay the foundation for securing this new working style. Most U.S. and foreign government agencies,—and even highly regulated private sector industries such as financial services and healthcare—are viewing the National Institute of Standards and Technology (NIST) Special Publication 800-207 Zero Trust Architecture as a guide on how to deploy a Zero Trust model. In this session, you’ll learn how F5’s security portfolio maps to the NIST 800-207 guidelines to assist not just U.S. federal agencies, but also foreign governments and private sector organizations, in rapidly adopting a Zero Trust architecture to augment their existing security investments, and to help develop new, safer workflows and operations.
Speaker: Pranav Dharwadkar
In this session, we’ll explore how best to address the challenges of securing modern microservices apps at the API level by leveraging machine learning and API auto-discovery and control.
Speakers: Eric Ji, Matt Quill, James Lee
In modern application architectures, security concerns are more complex than ever. In this session, we’ll explore how you can implement a layered security policy for your modern app environment through a combination of F5 Advanced WAF and NGINX App Protect, tailored to the needs of different cybersecurity teams of NetSecOps and DevSecOps. We will also show how NGINX+, Elastic, Red Hat Ansible, and Red Hat OpenShift work together to automate remediation tasks in your IT environment.
Speakers: John Cianfarani, Anish Johnson, Payal Shah
Throughout the COVID-19 pandemic, many of F5’s customers have seen a noticeable uptick in new account applications coming in and have had to adjust operations as their current customers adjust their usage patterns. If you’re seeing similar trends and are concerned about how to ensure a smooth experience for users while keeping malicious actors out, join this session and see how F5 SAFE can help. As users visit and interact with your site or application, SAFE inconspicuously collects several hundred signals across user journey, behavior, and environment, and evaluates the risk of account opening or account takeover fraud using a customized machine learning model tuned for your enterprise.
Speaker: Jay Kelley
A cultural shift is underway in how organizations look at security. Organizations with a traditional “security as the gatekeeper” mindset cannot scale and be effective in an environment where change is rapid and continuous. An important component of this cultural shift is the need to quickly abandon the concept of security as the gatekeeper and then embrace security as a shared responsibility across disciplines and teams. Join this session to find out how security controls can shift further left in the CI/CD pipeline and how the responsibility for security can be shared throughout the development process.
Speakers: Payal Shah, Josh Goldfarb
The COVID-19 pandemic has affected billions of people around the world. Aside from the virus’ health ramifications, the corresponding lockdowns, travel restrictions, and closures have brought with them a tremendous economic impact. The unfortunate result is that many are hurting financially, having lost their jobs or otherwise suffered a drastic reduction in income. By implementing controls to prevent and monitor fraud, state agencies can greatly reduce the amount of unemployment fraud. Join this session to learn how Shape has been able to facilitate millions of dollars in fraud savings for organizations during the pandemic.
Speaker to be announced
The COVID-19 pandemic has introduced complexity and chaos into nearly every aspect of our lives. The associated surge in unemployment fraud merely adds to that chaos. Rather than giving up and opting to live with billions of dollars in fraud losses each year, the time has come to take action. Join this discussion to find out how fraud detection and prevention platforms such as the Shape AI Fraud Engine (SAFE) can empower us to identify and stop different types of fraud, including unemployment fraud.
Speakers: James Lee, Matt Quill
This discussion will explore how NGINX App Protect, in combination with Ansible automation, can respond in real time to application threats. We’ll whiteboard out the process by which a threat is detected and a WAF policy is enforced automatically.
Speakers: Nic Garmendia, Edgar Ojeda, Lori Seabright
F5’s Security Operations Center (SOC) analysts are on the front lines, working 24x7 with customers to thwart attacks and add protections to keep their businesses up and running. In this session, our DDoS and WAF analysts will walk thru real attack scenarios and share best practices on how you can remain vigilant against persistent attackers. Cyberattacks are not going away so learn from the experts who have visibility into the attacks impacting businesses like yours.
Speaker to be announced
Join us for an interactive conversation about how Shape Security's real-time, high-precision device identifier can protect your users, applications, and data by utilizing advanced signal collection and proven machine learning algorithms to assign a unique identifier to each device visiting your site.
Speakers: Scott Laster, Srikanth Thadigol Reddappa
The speed at which the API economy is accelerating requires equally nimble security in front of these microservices. Join this lightning session to find out how NGINX App Protect is delivering on the concept of Security as Code and—when combined as a joint solution with other leading API tooling vendors—can deliver significant value to API publishers.
Speaker: Partha Sarathy
Join us to learn how Shape can help you detect fraud in your applications and prevent the resulting revenue losses.
Speakers: Pat Campbell, James Lee
Join this lightning session to gain insight into how F5 SSL Orchestrator can secure Cisco ACI deployments.
Speaker: Kevin Gallaugher
The way we do business is constantly evolving. Most organizations’ changes need to happen quickly or they risk losing revenue and opportunities. In this session, learn how F5 SSL Orchestrator can simplify change management for security devices (e.g., WAF, NG Firewall) and shorten the duration of the entire process. You’ll learn how to simplify stack change management and minimize the negative impacts due to it.
Speakers: Shehzad Shahbuddin, Carlos Asuncion
COVID-19 has accelerated the digital shift by at least two years, with some estimates pointing to as much as a five-year acceleration. Learn how Shape Enterprise Defense protects your customers from sophisticated automation attacks that can result in widespread hijacking of your customers' accounts.
Speakers: Smriti Jaggi, Gary Newe
Device ID+ is a real-time device identifier that utilizes advanced signal collection and proven machine learning algorithms to assign a unique identifier to each device visiting your site. In this session, you’ll learn how Device ID+ can help you strengthen app security by detecting or blocking known bad devices, optimize traffic management, mitigate fraud and risk, personalize and accelerate online experiences for known devices, and more.
Speaker: Mengmeng Chen
Capturing the attention of consumers and leading them to your website is an expensive proposition for an online retailer. Learn how even seemingly small improvements in the conversion from shoppers to buyers can yield significant revenue and margin improvements
Speakers: Pat Campbell, Aaron Hansen, Cisco
Find out how you can allow users to authenticate in seconds while effectively blocking unmanaged, unauthorized, and non-compliant devices.
Shape Security has been protecting our customers from automated attacks for years and have developed industry-leading methods for defending against Account Takeover (ATO) attacks. Join this demo to learn more about Shape's machine learning models that leverage unique signals collected in the web browser to identify humans with malicious intent.
The volume of over-the-top (OTT) encrypted video can be up to 70% of internet traffic. This presents a challenge for service providers as congestion in the network can impact the video performance for fixed and mobile network subscribers. Join this interactive demo to see the latest release of F5's Policy Enforcement Manager (PEM) which includes new features that allow service providers to monitor and control video traffic to ensure a high-quality end user experience.
In this interactive demo, you’ll see how the F5 ACI ServiceCenter app runs natively in Cisco’s Application Policy Infrastructure Controller (APIC), providing administrators with a single point of automation and visibility for L2–3, as well as L4–7 app services between F5 BIG-IP and Cisco ACI.
Learn how to protect your customers’ data and your online business from direct attacks to the first- and third-party JavaScript components with Shape Client-Side Defense.
In this session, we’ll explore how best to address the challenges of securing modern microservices apps at the API level by leveraging machine learning and API auto-discovery and control.
Silverline Shape Defense is a managed security service that protects your web applications from automated bot attacks to prevent large-scale fraud, inflated operational costs, and friction for your end users. Join us for a hands-on demo to learn how to learn how Silverline Shape Defense protects your web apps from bots and other automated attacks by delivering continuous protection, even when attackers retool. The managed service prevents sophisticated attacks, including those on the OWASP Automated Threats to Web Applications list.
Description coming soon
Join this lightning session to better understand the different topologies of deploying BIG-IP in an NSX-T environment.
This is an introductory lab focused on F5 Access Policy Manager (APM). In this lab, you’ll learn the fundamental concepts of BIG-IP APM and learn about the components within the module.
During this lab you’ll cover:
In this BIG-IP Access Policy Manager (APM) Lab, you’ll work through the fundamental building blocks and intermediate concepts leveraged in Access. You will build on the fundamental concepts from the 101 class and delve into more complex authentication with per session and per request policies.
During this lab you’ll learn:
Security is becoming more challenging as organizations shift to a remote workforce and applications reside in multiple locations beyond the enterprise data center. This has caused organizations to look for new and innovative ways to solve the complex problem for real-time authentication and authorization controls.
F5’s Zero Trust Architecture uses the Identity Aware Proxy (IAP) to create real-time contextual access decisions regardless of endpoint location. Contextual access can come from a multitude of sources including Identity providers, client posture, resource posture, or integration third party tools.
During this hands-on lab you will learn how to configure the following:
Request-by-request security is a foundational element when considering modern application delivery and security. Beyond single session authentication security, the need and ability to control access based on dynamic changes to the user, client, resource posture or external telemetry is critical and factors into Zero Trust architectures. In this lab, you’ll explore F5's per-request policies and apply their functionality to control secure access to applications.
During this hands-on lab you will learn how to:
Did you know you can implement BIG-IP Access Policy Manager (APM) solutions through automation? Learn how to navigate the APM REST API, attach policy with AS3, and build BIG-IP APM objects and policies through imperative calls.
During this lab, you will learn how to:
BIG-IP Advanced Firewall Manager (AFM)’s unique application-centric design enables greater effectiveness in guarding against targeted network-level attacks. It tracks the state of network sessions, maintains deep application awareness, and uniquely mitigates attacks based on more granular details than traditional firewalls. The purpose of this lab is to walk you through the setup of BIG-IP AFM to protect applications at multiple layers of the OSI stack, thereby providing advanced application security control. This, in effect, allows BIG-IP AFM to be multiple firewalls within a single platform.
Description coming soon
Investigate and explore the movement to DNS over HTTPS and TLS and create a DNS server that will respond to DOH and DOT with F5.
F5 iRules can be used to fix things that are missing or hard to solve for in the existing application stack. F5 iRules give you the power and flexibility to fill security gaps. This self-guided lab will show you a handful of ways to use iRules to defend and protect against malicious activity in your enterprise.
As the volume of data continues to grow at a rapid pace, more companies are deploying Secure Socket Layer (SSL) and Transport Layer Security (TLS) solutions to encrypt data in transit.
In this “follow me”-style lab, you’ll learn how F5 SSL Orchestrator maximizes visibility across your network, increases infrastructure efficiencies, and heightens security by:
As organizational requirements change, so does the need to update security polices and add additional features to existing SSL Orchestrator deployments. This lab will demonstrate how easy maintenance can be within the SSL Orchestrator dashboard.
You’ll learn to understand the SSL Orchestrator dashboard, tune security polices, and add authentication to allow access to an outbound SSL Orchestrator topology by:
The OWASP Top 10 is the de facto list of the top 10 most prevalent web application attacks. A challenge for many security practitioners is taking this list of high-level attacks and turning them into real, actionable protection of their applications. In this lab, we’ll demonstrate how to quickly protect against the OWASP Top 10 by leveraging solutions across the F5 technology portfolio, primarily, BIG-IP Advanced WAF in addition to NGINX WAF and F5 iRules for AWS WAF.
In this lab, you’ll learn how to approach a WAF deployment and add security in layers to protect the application from known attacks—the negative security model.
Topics covered:
Prerequisites:
Interest in WAF, no working knowledge of F5 Advanced WAF needed, although helpful
Take your security policy to the next level. Use traffic learning to phase in a more restrictive positive security posture. We’ll cover elevated bot protection, learning and positive security, L7 DoS protection, and login page protection.
Topics covered:
Prerequisites:
Soft requirement of the WAF 141 lab
Learn how to layer on additional security features and further enhance WAF policy using learning of parameters and URLs.
Topics covered:
Prerequisites:
Soft requirement of WAF 241 or working knowledge of WAF policy and learning
Join this lab to learn how to integrate your Advanced WAF into your CI/CD pipeline.
Topics covered:
Prerequisites:
Familiarity with CI/CD and ASM, some experience with AS3 and ASM is recommended, but not required
As the dependency of API usage increases across organizations, so do the tools used to protect them. APIs were historically protected through dedicated API gateways performing complex tasks. The complex requirements for API gateways have decreased as the adoption of REST has increased in organizations. API gateways have been narrowed to three specific requirements: authentication, authorization, and content validation.
Using F5 Advanced WAF in conjunction with BIG-IP Access Policy Manager (APM), an organization can not only achieve the requirements needed for a traditional API gateway but increased security and authorization controls.
During this hands-on lab, you’ll learn how to: