Automation & Insights

Breakouts | 25 Minutes

Baking the Cake: Ingredients for Modern App Builds

Speaker: Damian Curry

Building healthy modern applications starts with having the right ingredients. In this breakout session, we’ll explore examples of modern application architectures, identify the different components commonly used, and discuss why they are critical for your organization’s success.

Deploying 5G Infrastructure for Service Providers

Speakers: Phil Klatte, Rich Lopez

5G is coming! 5G core networks are intended to be cloud-native and deployed as microservices on a containerized Kubernetes infrastructure. Kubernetes is not designed for service providers that need to solve specific problems like how to manage 4G protocols on their 5G network. In this session, we’ll teach you how to tackle and solve these issues and how to ensure granular visibility into 5G network traffic.

Deploying NGINX Plus as an API Gateway

Speaker: Liam Crilly

At the heart of modern application architectures is the HTTP API. APIs enable applications to be built rapidly, maintained easily, and scaled at will. API gateways are typically deployed as an additional layer in the application delivery environment, bringing additional complexity and points of failure. In this session, you’ll learn how to deploy NGINX—the most pervasive load balancer, reverse proxy, and web server—as an API gateway.

Digital Transformation and AI

Speaker to be announced

Influence F5's artificial intelligence direction by sharing your challenges around digital transformation and learn about our plans to improve your customers' experience.

Enabling the Delivery of Modern Apps Across Clouds

Speaker: Marco Rodrigues

In this breakout session, we’ll share best practices and customer examples of how to provide cloud-native networking and security for modern applications with distributed clusters to accelerate Day 0 time-to-service and simplify Day 1+ operations.

End-to-End Observability for Distributed Applications

Speaker: Rick Sherman, Datadog

Applications continue to shift from monoliths to fully distributed architectures—spanning multiple servers, containers, and clouds. In this session, we’ll show you how Datadog observability combines logs and metrics from BIG-IP LTM and NGINX with application and network performance monitoring to provide the end-to-end visibility required to understand the flow of data between these disparate entities.

F5 Cloud DNS: Primary DNS Service

Speaker: Rick Salsa

F5 is excited to announce the launch of F5 Cloud DNS – Primary DNS Service. DNS specialists, network engineers, and DevOps teams now have the ability to easily and fully manage their DNS infrastructure optimized for today’s modern, cloud-native apps in just a few clicks. This service empowers you to deliver applications across hybrid and multi-cloud environments, scale instantly, and improve productivity with automation and DevOps integration.

Introduction to Distributed API Management

Speaker: Karthik Krishnaswamy

With APIs serving as the connective tissue across all applications, API management capabilities are critical to achieving successful outcomes. In addition, the rise of the DevOps movement has fostered a culture of self-service, supported by distributed infrastructure. What are the characteristics of distributed API management? How do you drive innovation by accelerating API release velocity? Attend this session to find out.

Marrying Your Modern and Traditional Applications with NGINX and BIG-IP in One Fell Swoop

Speakers: Melissa Housley, Owen Garrett

This session will review a joint reference architecture developed by F5 and Red Hat OpenShift that allows for rapid deployment, full automation, and security. We will cover customer scenarios such as blue-green, Canary, and multi-site deployment and discuss their impact in helping to scale Kubernetes-based deployments like Red Hat OpenShift.

Production-Grade Kubernetes Part 1: How Should I Manage Kubernetes Traffic?

Speakers: Jenn Gile, Owen Garrett

To make Kubernetes production grade, you need to add three components. In this session, we’ll focus on the first component: the Ingress controller. An Ingress controller is a specialized load balancer that abstracts away the complexity of Kubernetes networking and bridges between services in a Kubernetes cluster and those outside it. 

We’ll look at:

  • Use cases and requirements that should inform your selection of an Ingress controller
  • The features and capabilities that make an Ingress controller “production-grade” 
  • An overview of NGINX Ingress Controller 
Production-Grade Kubernetes Part 2: How Do I Secure Kubernetes Without Slowing Down Apps?

Speakers: Jenn Gile, Owen Garrett

To make Kubernetes production grade, you need to add three components. In this session, we’ll focus on the second component: built-in security. While “coarse-grained” security might be sufficient outside the cluster, “fine-grained” security is required inside it. 

We’ll explore the ways you can enable production-grade security within Kubernetes, including:

  • Trends and challenges of securing Kubernetes at scale
  • How to simplify and secure your environment by centralizing WAF and authentication at the point of Ingress
  • Why and where to duplicate your WAF, both within and outside of Kubernetes
  • An overview of NGINX Ingress Controller and NGINX App Protect
Production-Grade Kubernetes Part 3: When Will I Need a Service Mesh?

Speakers: Jenn Gile, Alan Murphy, Phil Jong

To make Kubernetes production grade, you need to add three components. In this session, we’ll focus on the third component: the service mesh. A service mesh provides fine-grained traffic management and security to application services within the cluster. 

We’ll demystify the complexity of Kubernetes networking and discuss where F5 can help when you’re ready to take the mesh leap, including:

  • Service mesh basics
  • Service mesh readiness checklist
  • How to choose a service mesh
  • An overview of NGINX Service Mesh and Aspen Mesh
Reimagine Security for Modern Applications with NGINX

Speaker: Rajiv Kapoor

Gone are the days when security could simply be bolted on at the end of a process. In today’s world, integrated security must become a normal part of any DevOps implementation. In this session, we’ll explore how making security frictionless and adaptable enables development teams to power ahead without fear. Instead of a painful extra step that must be dealt with, modern application security can be a robust support system that empowers organizations to reach their business goals and guides them to even higher heights.

Discussion Forums | 45 Minutes

Facilitate Application Agility and Data Center Automation with F5 and Cisco

Speaker: Pat Campbell

Join F5, Cisco, and one of our joint customers, as we discuss how this customer achieved the automation, flexibility, and application-centric architecture they were after through our joint solutions.

Let’s Talk Containers

Speakers: Damian Curry, Matt Quill

Explore how our customers are implementing F5 portfolio solutions across their container infrastructure. We’ll review customer use cases, learn why they are adopting specific architecture models, and explore some common problems they face. This session will include a Q&A portion to answer platform questions from the audience. 

Kubernetes Apps: How to Quickly Identify Points of Failure and Risk Threats Before Your Customers Do

Speakers: Dylen Turnbull, Snehal Contractor, Stellar Cyber

You are inundated with thousands of data points every day. Learn from the experts in this panel discussion about future observability trends, challenges, and opportunities to help make sense of your data. 

Modern Application Ecosystems: Simplifying the Build Process

Speaker: Damian Curry

Ecosystem complexity across proprietary and open source solutions is accelerating. How do you identify the best approach for your modern application architecture? In this technical conversation, we’ll discuss best practices for building and running modern applications with alliance partners.

Lightning Sessions | 10 Minutes

Modern Apps in the Wild

Speaker: Damian Curry

You may be asking yourself, “What exactly is a modern app and how does it benefit my organization?” Join this lightning session to learn the key outcomes delivered by healthy modern application infrastructure, and where to focus your energy for successful builds.

Simplifying Your Kubernetes Deployments with NGINX and Rancher (now part of SUSE)

Speakers: Dylen Turnbull, Allen Cheon

Are you or your team currently looking for your next generation architecture? Or perhaps you’re already there but are looking for the best way to automate and manage it. Today, the deployment and management of Kubernetes is considered one of the biggest hurdles for organizations looking to modernize their infrastructure. Now with Rancher's Kubernetes management platform plus NGINX’s Ingress solution, organizations can simplify Kubernetes deployment and management at scale. Join this session to see how you can deploy Rancher and NGINX Plus Ingress in two minutes flat.

When Performance Matters: Choosing NGINX Ingress Controllers

Speaker: Amir Rawdat

There are two popular open source Kubernetes Ingress controllers that use NGINX and a commercial version based on NGINX Plus that is developed and supported by NGINX. These projects all started around the same time, have similar names on GitHub, and implement the same function. Join this lightning talk to learn how they differ and how to choose an Ingress controller that's best for your needs.

Interactive Demos | 10 Minutes

Simplifying Your Kubernetes Deployments with NGINX and Rancher (now part of SUSE)

Are you or your team currently looking for your next generation architecture? Or perhaps you’re already there but are looking for the best way to automate and manage it. Today, the deployment and management of Kubernetes is considered one of the biggest hurdles for organizations looking to modernize their infrastructure. Now with Rancher's Kubernetes management platform plus NGINX’s Ingress solution, organizations can simplify Kubernetes deployment and management at scale. Join this session to see how you can deploy Rancher and NGINX Plus Ingress in two minutes flat.

SRE Multi-Cluster Blue-Green Deployment for Modern Apps

Experience how easy it is to set up and manage SRE blue-green deployment via hands-on guided simulation, by using F5 DNS Load Balancer Cloud Service to minimize downtime for application upgrades and migration across OpenShift clusters in multiple clouds.

Labs | 2 Hours

A&O Toolchain: Application Deployments with BIG-IP and AS3 (Self-Guided)

Description to follow

A&O Toolchain: BIG-IP Deployments with Declarative Onboarding

Explore F5 Declarative Onboarding (DO) by using a declarative model to initially configure a BIG-IP device with all of the required settings to get up and ready, including system settings such as licensing and provisioning, network settings such as DNS, NTP, VLANs, Self IPs, clustering settings, and more.

During this hands-on lab, you’ll learn: 

  • The difference between a declarative and imperative API
  • How to create and validate a JSON declaration
  • Where DO fits in the F5 Automation Toolchain
A&O Toolchain: Service Analytics and Metrics with Telemetry Streaming

Explore Telemetry Streaming (TS) by declaratively aggregating, normalizing, and forwarding statistics and events from a BIG-IP device to a consumer application by POSTing a single TS JSON declaration to TS’ declarative REST API endpoint.

During this hands-on lab, you’ll learn how to:

  • Use AS3 to declaratively build a logging profile 
  • Log statistics in Kibana using Elasticsearch
  • Log statistics in Amazon Cloudwatch
ADC Automation with BIG-IQ (Self-Guided)

In this lab, you’ll learn how to deploy applications with BIG-IQ using Application Service 3 (AS3) templates. You’ll use the BIG-IQ GUI and the BIG-IQ API.

Advanced BIG-IP Configuration with Ansible (Self-Guided)

The lab is intended to effectively demonstrate Ansible's capabilities using self-paced exercises. In this F5 and Ansible lab, you’ll learn advanced techniques around Ansible Playbook development as it relates to automating F5 load balancers. This hands-on workshop details utilizing the F5 BIG-IP Ansible modules with Ansible Playbooks, and with Ansible Tower for automation uses cases such as certificate management, WAF policy deployment, and pool/node management.

Basic BIG-IP Configuration Management with Ansible (Self-Guided)

The lab is intended to effectively demonstrate Ansible's capabilities using self-paced exercises. In this F5 and Ansible lab, you’ll learn the basics around Ansible Playbook development as it relates to automating F5 load balancers. This hands-on workshop details utilizing the F5 BIG-IP Ansible modules with Ansible Playbooks, and then later integrating them with Ansible Tower.

CI/CD with NGINX Plus (with Gitlab)

This lab will demonstrate the capabilities of using NGINX+ as part of your CI/CD pipeline. Using NGINX+ enables you to accelerate code release cycles, meaning more regular app updates for users.

Intro to NGINX

In this lab, we’ll introduce core NGINX+ capabilities, operations, and basic hands-on configuration concepts as well as where to use BIG-IP vs NGINX+ and how they complement each other.

Introduction to BIG-IP Rest Structure and Concepts

In this introductory-level lab, you will learn the basic concepts required to interact with the BIG-IP iControl REST API. Additionally, we’ll walk you through a typical Device Onboarding workflow to deploy a fully functional BIG-IP Active/Standby pair. It’s important to note that this module will focus on demonstrating an Imperative approach to automation.

Introduction to NGINX Instance Manager

Join this lab to get an introduction to NGINX Instance Manager, the fastest and easiest way to manage your NGINX instances (OSS or Plus).

Topics covered:

  • Edit existing configs and push changes
  • Analyze conf files centrally
  • Discover existing instances
  • Export Metrics to Grafana
  • Use an existing CI/CD pipeline 

You've seen a NGINX conf file before and got NGINX running.

Kubernetes and OpenShift Integration with BIG-IP

F5 makes apps go, and nothing makes apps go faster than DevOps using containers. In this lab, you will learn how to deploy a Kubernetes and OpenShift hosted application/container on BIG-IP using F5 Container Ingress Service (CIS).

Laptop with RDP and SSH client.

Network Infrastructure Automation/HashiCorp Consul Terraform Sync and BIG-IP

Event-driven service discovery can enable self-service management of your BIG-IP pool members. Learn how this feature of Application Service Extension 3 (AS3) can be used with Consul Terraform Sync (CTS) to dynamically push updates to your BIG-IP pool members.  

During the lab you will deploy BIG-IP using Terraform in AWS and use CTS to dynamically update the BIG-IP pools.

Experience with AS3 is recommended, but not required 

NGINX Controller: Application Delivery and Security (ADC)

NGINX Controller brings the power of scale and business alignment to your fleet of NGINX instances. In this lab, you’ll learn to configure your NGINX Controller as a resilient service and with Active Directory authentication. You’ll find out how to get started with your first application and component configuration, add application security protection, and monitor your services with NGINX Controller. You’ll also have additional opportunities to explore example configurations and best practices.

NGINX Dataplane Scripting

NGINX is already a very powerful all‑in‑one load balancer, web server, content cache and API gateway, but did you know that you can make NGINX even more powerful by plugging in your own code? In this lab, we’ll demonstrate how easy it is to extend NGINX using JavaScript. No prior NGINX or JavaScript experience is required.

Security Automation with BIG-IQ

Take advantage of BIG-IQ Centralized Management and AS3 for deploying F5 security solutions.



Breakouts | 25 Minutes

Automate App Services Deployments with Declarative APIs

Speaker: Kevin Delgadillo

Modern apps require modern deployment models that simplify and accelerate repeatable rollouts while minimizing errors. Join this breakout session to learn how F5's modern declarative APIs can enable app services deployment automation while abstracting configuration complexity away.

BIG-IP Deployment Options for VMware NSX-T

Speaker: Ulises Alonso Camaro

The session will show different deployment options for BIG-IP in VMware NSX-T, explaining the pros and cons of each one. We’ll also describe NSX-T's inner workings which are important when choosing the best option for a given use case.

Everything You Need to Know About QUIC and HTTP/3

Speaker: Liam Crilly

You wait decades for a new HTTP version and then two come along at once! Following just six years after HTTP/2 was introduced, HTTP/3 is here and with it, QUIC, a brand-new transport protocol. In this session, we discuss why HTTP/2's reign was short lived and why we will be living with all three HTTP versions for the foreseeable future.

Grow Revenue with Edge to Multi-Cloud Managed Application Services

Speakers: Mariana Agache, Ian Harris, Rich Lopez

Service providers can solve key application challenges in their digital transformation by offering managed services that enable an enterprise to easily deploy and secure applications in any location (i.e., on premises, at the edge, in a private data center, or in a public cloud). In this way, you can focus on developing key apps for your business rather than worrying about how to deliver and secure those applications. In this session, we’ll show you managed app services that a service provider can offer using F5 technology, successful use cases, and the support that F5 provides service providers to ensure their success in generating revenue from these managed application services.

Improving BIG-IP Deployments with Visibility and Control

Speakers: Ronnie Dockery, Roman Jouhannet

Apps are how the modern enterprise materializes the consumer expectation of positive digital experiences. However, ensuring those apps can deliver on that promise by performing well, running securely, and remaining available is extremely difficult—especially with large portfolios of apps and services. Join this session to learn about the benefits of adopting a centralized, app-centric approach for managing, gaining visibility into, and automating your BIG-IP deployments.

Marrying Your Modern and Traditional Applications with NGINX and BIG-IP in One Fell Swoop

Speakers: Nicolas Menant, Owen Garrett

It’s time to bridge the divide between your DevOps and infrastructure teams. In this breakout session, we’ll introduce a single step to deployment for a traditionally siloed, 2-step process across teams. You’ll walk away knowing how to reduce time to market, with the bonus of value-added services layered on top.

Performance Based Autoscaling for BIG-IP

Speakers: Greg Coward, David Garrison

Join this session to learn about F5’s cloud-agnostic solution for centralized application delivery monitoring and management. This solution leverages analytics and automation tools such as Splunk, ELK, and Terraform to monitor ADC performance and autoscale infrastructure and configurations automatically.

Simplifying App Delivery Across Clouds

Speakers: Marco Rodrigues, Pranav Dharwadkar

Workloads are increasingly being deployed across different clouds and providers, which can increase the complexity of the network and the sprawl of tools and services. In this session, you’ll learn how to consolidate networking services and increase agility while migrating workloads into a multi-cloud environment.

Simplifying the Lives of NetOps and DevOps by Enabling Automation and Self-Service in App Delivery

Speakers: Zach Westall, Ken Boccino

Self-service capabilities, automation, and consistency are the hallmarks of modern application development and delivery. Join this breakout session to learn how NGINX Controller can help you streamline your modern application delivery across teams.

Discussion Forums | 45 Minutes

Ask the CTO

Speakers: Geng Lin, Lori MacVittie

Ask F5 CTO, Geng Lin, your most burning tech questions in this Q&A discussion moderated by F5 Technical Evangelist, Lori Mac Vittie.

Remove Friction for Your Known Good Customers

Speakers: Sumit Agarwal, Mengmeng Chen, Yuxi Yao

Every day, your B2C website receives numerous visits from returning good customers. But do you have measures in place to handle them differently than everyone else? Manual login, forgetting password, etc. are all various forms of friction that impedes customer engagements. By removing such friction intelligently, B2C commerce websites can lift 1–2% of top line revenue, allowing security teams to contribute to business outcomes.

Words Matter: Evolving Inclusive Language and Conscious Naming in Tech

Speakers: Jesica Church, Hugh Gilmore

The tech we use and deploy daily is riddled with terminology that is exclusionary and biased. For years, our industry has been making strides towards greater inclusivity, but it will take all of us to create broader momentum and be part of the change. Join a moderated panel to discuss the efforts and issues of driving systematic transformation in partnership with members from the Inclusive Naming Initiative, a global community of professionals from leading organizations whose mission is to help companies and projects remove harmful and unclear language and replace it with an agreed-upon set of neutral terms. 

Labs | 2 Hours

Application Flow Control with iRules

An iRule is a powerful and flexible feature within the BIG-IP Local Traffic Manager (LTM) system that you can use to manage your network traffic. The iRules feature not only allows you to select pools based on header data, but also allows you to direct traffic by searching on any type of content data that you define. In this lab, you’ll learn how to utilize HTTP iRules to direct, secure, and enhance your HTTP(s) traffic. You’ll also get some hands-on time to gain experience writing and troubleshooting iRules.

BIG-IP tcpdump and Wireshark How-To (Self-Guided)

You may find it difficult at times to troubleshoot application traffic coming through BIG-IP. In this lab, you’ll learn how to utilize tcpdump and the F5 Wireshark plugin to gain perspective on how traffic is flowing through BIG-IP and seeing where a performance issue might be found.

Cisco ACI Integration with BIG-IP (Self-Guided)

Gain hands-on experience on how to manage BIG-IP in your ACI + BIG-IP deployment by leveraging the F5 Automation Toolchain and ACI’s programmable App Center framework.

Learn how this simple and native integration aims to solve important real world use cases:

  1. Deep infrastructure visibility into the ACI and BIG-IP deployment
  2. Network and application management on BIG-IP

Join this lab to find out how to leverage APIs to achieve end-to-end network automation workflows and learn how different personas within your organization can benefit from these features and functionalities.

Learn How to Secure Your App in Minutes (Self-Guided)

In this hands-on lab we’ll show you how to take the complexity out of safeguarding your apps with F5 Essential App Protect Service—a feature-rich, checkbox-simple SaaS security solution. You’ll learn how to spin up protection against common web exploits, malicious IPs, and coordinated attacks within minutes, all without requiring extensive security expertise. You’ll experience how developers can protect their apps or tune WAF configuration features through the rich declarative API or an intuitive user interface.  

We’ll cover how to:

  • Set up a trial F5 Cloud Services account
  • Configure Essential App Protect Service for a fictitious app
  • Test the configuration by sending scripted and targeted attacks through Postman and a browser
  • Get hands-on experience with several key use cases that can be easily applied to your app ecosystem
PC 101: Deploying F5 Solutions to AWS with Terraform and CloudFormation (Self-Guided)

In this self-guided lab, you’ll work in a dedicated AWS environment to build an HA pair of F5 Advanced WAFs from an AWS CloudFormation template. Learn how to quickly create virtual servers with a single RESTful API call via the declarative F5 Application Services 3 iControl LX extension.

PC 201: Azure Secure Cloud Computing Architecture (Self-Guided)

F5 and Microsoft Azure Government: Meeting SCCA Requirements. In this lab, we’ll discuss the challenges of the Department of Defense’s (DoD) cloud adoption and examine exciting solutions to meeting complex requirements of a secure cloud architecture. 

During this hands-on lab, we’ll cover:

  • CAP/SCCA/VDSS requirements
  • The status of Azure Government and the programs in place to use it
  • How F5’s Virtual Data Security Stack helps you meet the SCCA mandates
  • Live lab deploying a VDSS into Azure Government Cloud
  • In-depth overview of a POC for a shared VDSS model for cybersecurity service provider organizations
  • Solutions for a virtual, scalable way to meet O365 CAP/VDSS demands using Azure and F5
PC 211: Deploying BIG-IP Multi-NIC HA in GCP using GDM Template

In this lab, you’ll deploy a 3-NIC Google API-based failover-based template and then building upon that with an overview of the F5 failover extension.

SaaS-Based DNS and DNS Load Balancing (Self-Guided)

Learn about the new F5 SaaS-based DNS offerings including DNS secondary configuration and DNS load balancing utilizing F5 Cloud Services.



Breakouts | 25 Minutes

Anatomy of an ATO Attack on Financial Services

Speaker: Anish Johnson, Saurabh Bajaj

With the proliferation of apps that have adopted anti-bot technologies such as Shape Enterprise Defense, attackers are finding it difficult to identify soft targets. Instead of expending resources in an attempt to circumvent anti-automation technologies, fraudsters are pivoting and attacking unprotected email servers that become the steppingstone to the ultimate goal: your customer accounts. This, in turn, has resulted in a change in the credential marketplace landscape. Shape Security has been protecting our customers from automated attacks for years and has observed that fraudsters are left with no option but to revert to manual (i.e., human-driven) fraud methods. For this reason, we’ve developed machine learning models that specifically protect banks, credit unions, and other financial institutions.

Bridging a Zero Trust Chasm: Integrating Azure AD’s Conditional Access with BIG-IP APM’s Identity Aware Proxy

Speakers: Manish Desai, Anitha Mareedu, Jay Kelley

Most organizations are moving toward a Zero Trust security architecture to protect their applications wherever they reside. In order to even begin thinking about deploying a Zero Trust environment, you’ll need to bridge the chasm between modern and classic identity management and authentication. F5 and Microsoft have accomplished that, through the integration of BIG-IP APM and Azure Active Directory. In this session, we’ll dive deeper into how Zero Trust by enabling trusted identity, app access security, and risk management to be applied to every access request on a continuous basis. We’re taking the Zero Trust axiom of “Never trust, always verify” to a new level, adding “Continuously monitor” to the mix.

Building a Fraud Profile with Device ID+

Speaker: Wesley Hales

Device and user identifiers are the common thread that span the entire technology stack. Organizations use them to drive fraud prevention and critical business analytics. Device ID+ is a real-time, high-precision device identifier that utilizes advanced signal collection and machine learning algorithms to assign a unique identifier to each device visiting your site. In this session, we’ll give you a rundown on how Device ID+ works, why it’s important, and how to use it within your application.

Data Driven: Unlocking the Current and Future State of Application Delivery and Security Technologies

Speaker: Lori Mac Vittie

Technologies that deliver and secure applications are the status quo. Without them, applications don't scale, don't perform, and ultimately impact the customer experience. As businesses become digital, the technologies that enable experiences must evolve to deliver the data and actionable insights necessary to optimize and secure applications. This session will explore the current state of application delivery and security technologies and how data unlocks future business and digital capabilities.

Defending Applications from Sophisticated Bot-Driven Fraud and Abuse

Speaker: Saurabh Bajaj, Dan Woods, Brian Uffelman

Bots and unwanted automation drive billions of dollars in fraud losses for organizations around the globe every year. In this session, you’ll learn how F5 and Shape protect against the evolving threats from bots and cybercriminals that drive application fraud and abuse. Shape’s antibot platform uniquely defends against bots and unwanted automation for your customers. Learn how to find and qualify antibot opportunities and protect your customer’s applications from attack.

Device ID+: Identify Your Returning Users Easily

Speakers: Sumit Agarwal, Corey Marshall, Smriti Jaggi

Join this breakout to learn more about Device ID+, a real-time, high-precision device identifier that utilizes advanced signal collection and proven machine learning algorithms to assign a unique identifier to each device visiting your site.

Discover, Analyze, and Secure Your APIs Anywhere

Speaker: Pranav Dharwadkar, Jakub Pavlik

Containerization and serverless computing have had a significant impact on how apps are architected, networked, and secured. In this session, we’ll provide real world examples of app and API security attacks. We’ll also cover the four key security tenets—discover, analyze, secure, and anywhere—that users should look for in an app or API focused security solution.

Down the Rabbit Hole of the Dark Web

Speaker: John Cianfarani

The term "dark web" is used so frequently but what is it and what does it really mean? This session aims to help you understand what you can find on the dark web, interesting stats and trends, how to safely access it, and how to protect your web and mobile applications.

F5 Labs 2021 App Protect Report: Lessons Learned from Security Breaches and Incidents

Speakers: Ray Pompon, Sander Vinberg

Join this session to hear the latest insights from the F5 Labs Application Protection Research Series. We'll share insights from the past four years of data analysis on breach data, global honeypot nets, vulnerability analysis, and customer incident reports, including details on how the pandemic changed cybersecurity and what new threats emerged.

How Has AI Evolved and How Can It Be Used to Predict and Prevent Fraud?

Speaker: Saurabh Bajaj

Over the course of the last decade, the nature of cybersecurity has changed, evolving past the idea of cybersecurity being a system of logical controls to prevent attackers from infiltrating systems, to becoming a data analytics problem based on behavioral analysis of attack patterns to detect them when they do. As such, fraud and abuse have become the primary focus areas for organizations’ defensive efforts, and the use of artificial intelligence—particularly machine learning—has become one of the principal tools. This talk will review how cybersecurity challenges have changed, examine the emergence of credential stuffing as the #1 cybersecurity problem in the world—with real data from major corporations—and demonstrate next generation uses of machine learning in defending organizations and millions of users around the world.

How to Cut Bait from Encrypted Phishing

Speakers: Jay Kelley, Manish Desai, Don Laursen

According to the 2020 Phishing & Fraud Report from F5 Labs, the majority of phishing links—over 71%—use valid HTTPS certificates to appear credible so that they can fool you into clicking on a malicious link. Join this session to learn how F5 SSL Orchestrator can stop the bait used in encrypted phishing and spear phishing campaigns and how it can also secure non-standard ports from being a source of data loss.

How to Stop the Use of Security and Privacy as a Weapon

Speakers: Jay Kelley, Manish Desai, Don Laursen

Today, bad actors are using the same security tools you use against you. They’re able to do this through product specific gaps in modern cipher support, performance limitations, and crypto complexity, bypassing the security you’ve deployed. In this session, you’ll learn how to simplify the traffic decryption challenge and secure against data exfiltration and C2 communications with effective decryption of outbound network traffic. See how your organization can support both legacy and modern ciphers while protecting against cipher mismatches and unintentional bypass, plus enable intelligent decryption bypass for privacy regulation adherence. And finally, we’ll help you understand how to encrypt the entire “hello” process and import visibility solutions.

Improve Security Across the F5 WAF Engine with Better Visibility, Correlation, and Auto-Response

Speakers: Frank Strobel, Matt Westover – Stellar Cyber

With F5 and Stellar Cyber, enterprises gain 360-degree visibility across their IT operations and can more easily remediate any security vulnerabilities that do arise. Stellar Cyber provides a leading open security operations platform providing high-speed, high-fidelity threat detection across the entire attack surface, and F5 is the industry leader in protecting apps. By consolidating visibility and analytics across F5’s WAF products through Stellar Cyber, this joint solution delivers best-of-breed protection, 360-degree visibility, high-fidelity detection, and fast remediation—all easily accessed through a single, intuitive user interface.

NIST Zero Trust Architecture: Not Just for Federal Agencies Anymore

Speakers: Jay Kelley, Manish Desai

As many employees and other personnel continue to work remotely, organizations­—including government agencies and ministries—have begun to evolve their thinking on Zero Trust security architectures. Organizations are becoming more comfortable with the idea of working remotely and are seeking to lay the foundation for securing this new working style. Most U.S. and foreign government agencies,—and even highly regulated private sector industries such as financial services and healthcar­­e—are viewing the National Institute of Standards and Technology (NIST) Special Publication 800-207 Zero Trust Architecture as a guide on how to deploy a Zero Trust model. In this session, you’ll learn how F5’s security portfolio maps to the NIST 800-207 guidelines to assist not just U.S. federal agencies, but also foreign governments and private sector organizations, in rapidly adopting a Zero Trust architecture to augment their existing security investments, and to help develop new, safer workflows and operations.

Securing Modern Apps at the API Level

Speaker: Pranav Dharwadkar

In this session, we’ll explore how best to address the challenges of securing modern microservices apps at the API level by leveraging machine learning and API auto-discovery and control.

Security Automation for Modern Apps with F5, Red Hat Ansible, and Elastic

Speakers: Eric Ji, Matt Quill, James Lee

In modern application architectures, security concerns are more complex than ever. In this session, we’ll explore how you can implement a layered security policy for your modern app environment through a combination of F5 Advanced WAF and NGINX App Protect, tailored to the needs of different cybersecurity teams of NetSecOps and DevSecOps. We will also show how NGINX+, Elastic, Red Hat Ansible, and Red Hat OpenShift work together to automate remediation tasks in your IT environment.

See How F5 SAFE Can Protect Your Users and Keep Fraudsters at Bay

Speakers: John Cianfarani, Anish Johnson, Payal Shah

Throughout the COVID-19 pandemic, many of F5’s customers have seen a noticeable uptick in new account applications coming in and have had to adjust operations as their current customers adjust their usage patterns. If you’re seeing similar trends and are concerned about how to ensure a smooth experience for users while keeping malicious actors out, join this session and see how F5 SAFE can help. As users visit and interact with your site or application, SAFE inconspicuously collects several hundred signals across user journey, behavior, and environment, and evaluates the risk of account opening or account takeover fraud using a customized machine learning model tuned for your enterprise.

Shifting Security to the Left

Speaker: Jay Kelley

A cultural shift is underway in how organizations look at security. Organizations with a traditional “security as the gatekeeper” mindset cannot scale and be effective in an environment where change is rapid and continuous. An important component of this cultural shift is the need to quickly abandon the concept of security as the gatekeeper and then embrace security as a shared responsibility across disciplines and teams. Join this session to find out how security controls can shift further left in the CI/CD pipeline and how the responsibility for security can be shared throughout the development process.

The Impact of (Skyrocketing) Unemployment Fraud During COVID-19

Speakers: Payal Shah, Josh Goldfarb

The COVID-19 pandemic has affected billions of people around the world. Aside from the virus’ health ramifications, the corresponding lockdowns, travel restrictions, and closures have brought with them a tremendous economic impact. The unfortunate result is that many are hurting financially, having lost their jobs or otherwise suffered a drastic reduction in income. By implementing controls to prevent and monitor fraud, state agencies can greatly reduce the amount of unemployment fraud. Join this session to learn how Shape has been able to facilitate millions of dollars in fraud savings for organizations during the pandemic.

Discussion Forums | 45 Minutes

Application Protection in the Era of COVID-19

Speaker to be announced

The COVID-19 pandemic has introduced complexity and chaos into nearly every aspect of our lives. The associated surge in unemployment fraud merely adds to that chaos. Rather than giving up and opting to live with billions of dollars in fraud losses each year, the time has come to take action. Join this discussion to find out how fraud detection and prevention platforms such as the Shape AI Fraud Engine (SAFE) can empower us to identify and stop different types of fraud, including unemployment fraud.

Automating Application Security with F5 and Ansible

Speakers: James Lee, Matt Quill

This discussion will explore how NGINX App Protect, in combination with Ansible automation, can respond in real time to application threats. We’ll whiteboard out the process by which a threat is detected and a WAF policy is enforced automatically.

Talking Real Attacks with F5’s Security Operations Center Analysts

Speakers: Nic Garmendia, Edgar Ojeda, Lori Seabright

F5’s Security Operations Center (SOC) analysts are on the front lines, working 24x7 with customers to thwart attacks and add protections to keep their businesses up and running. In this session, our DDoS and WAF analysts will walk thru real attack scenarios and share best practices on how you can remain vigilant against persistent attackers. Cyberattacks are not going away so learn from the experts who have visibility into the attacks impacting businesses like yours.

The State of Identity in the Online World

Speaker to be announced

Join us for an interactive conversation about how Shape Security's real-time, high-precision device identifier can protect your users, applications, and data by utilizing advanced signal collection and proven machine learning algorithms to assign a unique identifier to each device visiting your site.

Lightning Sessions | 10 Minutes

API Security: NGINX App Protect and the Best Partner Solutions

Speakers: Scott Laster, Srikanth Thadigol Reddappa

The speed at which the API economy is accelerating requires equally nimble security in front of these microservices. Join this lightning session to find out how NGINX App Protect is delivering on the concept of Security as Code and—when combined as a joint solution with other leading API tooling vendors—can deliver significant value to API publishers.

Bottomline Fraud Loss Reduction: Defending Against Account Takeover Fraud and Account Opening Fraud

Speaker: Partha Sarathy

Join us to learn how Shape can help you detect fraud in your applications and prevent the resulting revenue losses.

Design Options for Improving Security with SSL Orchestrator in ACI Environments

Speakers: Pat Campbell, James Lee

Join this lightning session to gain insight into how F5 SSL Orchestrator can secure Cisco ACI deployments.

Orchestrated Infrastructure Security: Changing Security at the Speed of Business

Speaker: Kevin Gallaugher

The way we do business is constantly evolving. Most organizations’ changes need to happen quickly or they risk losing revenue and opportunities. In this session, learn how F5 SSL Orchestrator can simplify change management for security devices (e.g., WAF, NG Firewall) and shorten the duration of the entire process. You’ll learn how to simplify stack change management and minimize the negative impacts due to it.

Protecting Billions of Transactions Per Week with Shape Enterprise Defense

Speakers: Shehzad Shahbuddin, Carlos Asuncion

COVID-19 has accelerated the digital shift by at least two years, with some estimates pointing to as much as a five-year acceleration. Learn how Shape Enterprise Defense protects your customers from sophisticated automation attacks that can result in widespread hijacking of your customers' accounts.

Real-Time Device Intelligence: Identify Each Device Visiting Your Website

Speakers: Smriti Jaggi, Gary Newe

Device ID+ is a real-time device identifier that utilizes advanced signal collection and proven machine learning algorithms to assign a unique identifier to each device visiting your site. In this session, you’ll learn how Device ID+ can help you strengthen app security by detecting or blocking known bad devices, optimize traffic management, mitigate fraud and risk, personalize and accelerate online experiences for known devices, and more.

Rescuing Real Users Lost Due to Login Friction

Speaker: Mengmeng Chen

Capturing the attention of consumers and leading them to your website is an expensive proposition for an online retailer. Learn how even seemingly small improvements in the conversion from shoppers to buyers can yield significant revenue and margin improvements

Securing Remote Access: Moving Toward Zero Trust

Speakers: Pat Campbell, Aaron Hansen, Cisco

Find out how you can allow users to authenticate in seconds ​while effectively blocking unmanaged, unauthorized, and non-compliant devices.

Interactive Demos | 10 Minutes

Combating Account Takeover

Shape Security has been protecting our customers from automated attacks for years and have developed industry-leading methods for defending against Account Takeover (ATO) attacks. Join this demo to learn more about Shape's machine learning models that leverage unique signals collected in the web browser to identify humans with malicious intent.

Controlling OTT Video in Service Provider Networks

The volume of over-the-top (OTT) encrypted video can be up to 70% of internet traffic. This presents a challenge for service providers as congestion in the network can impact the video performance for fixed and mobile network subscribers. Join this interactive demo to see the latest release of F5's Policy Enforcement Manager (PEM) which includes new features that allow service providers to monitor and control video traffic to ensure a high-quality end user experience.

F5 and Cisco ACI Integration: F5 ACI ServiceCenter

In this interactive demo, you’ll see how the F5 ACI ServiceCenter app runs natively in Cisco’s Application Policy Infrastructure Controller (APIC), providing administrators with a single point of automation and visibility for L2–3, as well as L4–7 app services between F5 BIG-IP and Cisco ACI.

Protect Customers' Data and Your Brand with Shape Client-Side Defense

Learn how to protect your customers’ data and your online business from direct attacks to the first- and third-party JavaScript components with Shape Client-Side Defense.

Securing Modern Apps at the API Level

In this session, we’ll explore how best to address the challenges of securing modern microservices apps at the API level by leveraging machine learning and API auto-discovery and control.

Silverline Shape Defense: Advanced Bot Detection That Helps Prevent Large Scale Fraud

Silverline Shape Defense is a managed security service that protects your web applications from automated bot attacks to prevent large-scale fraud, inflated operational costs, and friction for your end users. Join us for a hands-on demo to learn how to learn how Silverline Shape Defense protects your web apps from bots and other automated attacks by delivering continuous protection, even when attackers retool. The managed service prevents sophisticated attacks, including those on the OWASP Automated Threats to Web Applications list.

VMware Horizon with BIG-IP APM

Description coming soon

VMware NSX-T Integration Topologies

Join this lightning session to better understand the different topologies of deploying BIG-IP in an NSX-T environment.

Labs | 2 Hours

Access 101: Intro to Access (Self-Guided)

This is an introductory lab focused on F5 Access Policy Manager (APM). In this lab, you’ll learn the fundamental concepts of BIG-IP APM and learn about the components within the module.

During this lab you’ll cover:

  • Provisioning and main menu navigation
  • Access guided config concepts
  • Authentication types and frameworks
  • Visual Policy Editor concepts
  • Access log overview
  • Access policy frameworks
  • Webtop concepts
Access 102: Access Building Blocks (Self-Guided)

In this BIG-IP Access Policy Manager (APM) Lab, you’ll work through the fundamental building blocks and intermediate concepts leveraged in Access. You will build on the fundamental concepts from the 101 class and delve into more complex authentication with per session and per request policies.

During this lab you’ll learn:

  • Access policy frameworks
  • Client-side authentication
  • Server-side authentication
Access 201: Zero Trust: Identity Aware Proxy

Security is becoming more challenging as organizations shift to a remote workforce and applications reside in multiple locations beyond the enterprise data center. This has caused organizations to look for new and innovative ways to solve the complex problem for real-time authentication and authorization controls.

F5’s Zero Trust Architecture uses the Identity Aware Proxy (IAP) to create real-time contextual access decisions regardless of endpoint location. Contextual access can come from a multitude of sources including Identity providers, client posture, resource posture, or integration third party tools.  

During this hands-on lab you will learn how to configure the following:

  • Configure IAP using guided configuration
  • Conduct Client posture assessments using F5 Access Guard
  • Collect resource and third-party data via HTTP connector
Access 301: Per-Request Application Control

Request-by-request security is a foundational element when considering modern application delivery and security. Beyond single session authentication security, the need and ability to control access based on dynamic changes to the user, client, resource posture or external telemetry is critical and factors into Zero Trust architectures. In this lab, you’ll explore F5's per-request policies and apply their functionality to control secure access to applications.

During this hands-on lab you will learn how to:

  • Configure per-request policies using guided configuration
  • Create dynamic per-request policies to control access and security
  • Use OAuth in conjunction with per-request policies to control application access
Access 401: BIG-IP APM Automation

Did you know you can implement BIG-IP Access Policy Manager (APM) solutions through automation? Learn how to navigate the APM REST API, attach policy with AS3, and build BIG-IP APM objects and policies through imperative calls.  

During this lab, you will learn how to:

  • Configure iControl REST navigation and AS3 declarations
  • Build APM objects
  • Create per-session policies
  • Create per-request policies
  • Deploy solutions through automation
Advanced Multi-Layer Firewall Protection (Self-Guided)

BIG-IP Advanced Firewall Manager (AFM)’s unique application-centric design enables greater effectiveness in guarding against targeted network-level attacks. It tracks the state of network sessions, maintains deep application awareness, and uniquely mitigates attacks based on more granular details than traditional firewalls. The purpose of this lab is to walk you through the setup of BIG-IP AFM to protect applications at multiple layers of the OSI stack, thereby providing advanced application security control. This, in effect, allows BIG-IP AFM to be multiple firewalls within a single platform.

BIG-IP AFM DDoS and DNS DoS Protections (Self-Guided)

Description coming soon


Investigate and explore the movement to DNS over HTTPS and TLS and create a DNS server that will respond to DOH and DOT with F5.

Securing Your Application with iRules (Self-Guided)

F5 iRules can be used to fix things that are missing or hard to solve for in the existing application stack. F5 iRules give you the power and flexibility to fill security gaps. This self-guided lab will show you a handful of ways to use iRules to defend and protect against malicious activity in your enterprise.

SSLO 101: Essential SSL Visibility with SSL Orchestrator

As the volume of data continues to grow at a rapid pace, more companies are deploying Secure Socket Layer (SSL) and Transport Layer Security (TLS) solutions to encrypt data in transit.

In this “follow me”-style lab, you’ll learn how F5 SSL Orchestrator maximizes visibility across your network, increases infrastructure efficiencies, and heightens security by:

  • Effectively inspecting encrypted traffic
  • Supporting multiple deployment modes
  • Easily integrating with complex architectures for optimal flexibility.
SSLO 201: SSL Orchestrator: Real World Use Cases and Putting It to Use (Self-Guided)

As organizational requirements change, so does the need to update security polices and add additional features to existing SSL Orchestrator deployments. This lab will demonstrate how easy maintenance can be within the SSL Orchestrator dashboard.


You’ll learn to understand the SSL Orchestrator dashboard, tune security polices, and add authentication to allow access to an outbound SSL Orchestrator topology by: 

  • Establishing baselines to accurately determine anomalies or security events
  • Modifying existing SSL Orchestrator configurations to keep up with business and security demands
  • Integrating authentication and membership checks to customize user experiences
WAF 111: Protect Against the OWASP Top 10

The OWASP Top 10 is the de facto list of the top 10 most prevalent web application attacks. A challenge for many security practitioners is taking this list of high-level attacks and turning them into real, actionable protection of their applications. In this lab, we’ll demonstrate how to quickly protect against the OWASP Top 10 by leveraging solutions across the F5 technology portfolio, primarily, BIG-IP Advanced WAF in addition to NGINX WAF and F5 iRules for AWS WAF.

WAF 111: Getting started with WAF, Bot Defense, and Threat Campaigns

In this lab, you’ll learn how to approach a WAF deployment and add security in layers to protect the application from known attacks—the negative security model.

Topics covered:

  • IP Intelligence
  • Geolocation
  • Bot defense
  • Threat campaigns
  • Transparent mode policy
  • Server technologies
  • Evasion techniques protection
  • Attack signatures and more

Interest in WAF, no working knowledge of F5 Advanced WAF needed, although helpful

WAF 241: Elevated WAF Security

Take your security policy to the next level. Use traffic learning to phase in a more restrictive positive security posture. We’ll cover elevated bot protection, learning and positive security, L7 DoS protection, and login page protection. 

Topics covered:

  • Bot defense – blocking mode
  • Cookie tampering protection
  • HTTP redirection protection
  • Learning – file types
  • Learning – headers
  • Login pages
  • DoS and behavioral DoS 

Soft requirement of the WAF 141 lab

WAF 341: Advanced Protection and Positive Security (Self-Guided)

Learn how to layer on additional security features and further enhance WAF policy using learning of parameters and URLs.

Topics covered:

  • Anti-bot mobile SDK
  • Brute force protection
  • Credential stuffing protection
  • Data guard
  • Data safe
  • HTTP methods control
  • Meta character enforcement
  • Learning – parameters
  • Learning – URLs
  • Sensitive data – masking in logs
  • Session hijacking protection
  • User session tracking

Soft requirement of WAF 241 or working knowledge of WAF policy and learning

WAF 342: Automating Advanced WAF (Self-Guided)

Join this lab to learn how to integrate your Advanced WAF into your CI/CD pipeline.

Topics covered:

  • Best practice policy recommendations for this scenario
  • Declarative WAF API (new feature introduced in 15.1)
  • WAF policy templating 
  • Integrating your WAF as part of your AS3 declaration 
  • Testing the effectiveness of your WAF 

Familiarity with CI/CD and ASM, some experience with AS3 and ASM is recommended, but not required

WAF and BIG-IP APM API Security and Management

As the dependency of API usage increases across organizations, so do the tools used to protect them. APIs were historically protected through dedicated API gateways performing complex tasks. The complex requirements for API gateways have decreased as the adoption of REST has increased in organizations. API gateways have been narrowed to three specific requirements: authentication, authorization, and content validation.

Using F5 Advanced WAF in conjunction with BIG-IP Access Policy Manager (APM), an organization can not only achieve the requirements needed for a traditional API gateway but increased security and authorization controls.

During this hands-on lab, you’ll learn how to:

  • Build an API protection profile using OpenAPI spec files 
  • Configure BIG-IP as a resource server for OAuth and OIDC for course-grain access control
  • Configure BIG-IP APM’s per-request policy engineer to provide fine-grain access control 
  • Configure Advanced WAF to protect against common API attacks