Using Technology to enable and transform Business Strategy

IT Strategy

Subscribe to IT Strategy: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get IT Strategy: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories

A strategy is a planning document that sets a direction for future work to ensure that you end up where you want to be. A strategy allows you to see the wood, despite the trees. A strategy is often used as a management tool for securing the resources needed to get there IT is now part of the business and forward looking organisations will have senior IT people responsible for helping devise the Corporate Business Strategy Business Strategy This will include discuss for the next few years how it intends to grow and maintain the business. It may mean doing things like: Starting new business lines Expanding new business areas, new locations, products enhancements Adding new distribution channels Making better use of existing customer to cross sell Reducing costs Stopping businesses Regulatory changes IT Strategy Technology needs to ensure business are agile that can mee... (more)

What Is #MQTT? | @ThingsExpo #IoT #M2M #RTC #DigitalTransformation

The mad dash to connect virtually every noun to the internet or the Internet of Things is creating a massive M2M network for all the devices, systems, sensors and actuators to connect & communicate on the Internet. With that, they need a communications protocol to understand each other. One of those is Message Queue Telemetry Transport (MQTT). MQTT is a “subscribe and publish” messaging protocol designed for lightweight machine-to-machine (or IoT) communications. In this episode of Lightboard Lessons, I light up how MQTT works. ps Related: IoT Ready Infrastructure IoT Effect on Applications IoT Influence on Society What are These "Things? The Intruders of Things Internet of @ThingsExpo, taking place June 6-8, 2017 at Javits Center, New York City, is co-located with 20th International @CloudExpo and will feature technical sessions from a rock star conference facult... (more)

Trust Is Not a Control | @CloudExpo @SAP #GRC #SOD #AI #Cybersecurity

The origins of SAP GRC software goes back decades, but adoption has been slow. But with the rigor of modern compliance regimes like SOX, coupled with the sheer volume and complexity of online transactions, there's been an accelerating movement away from document-centric review processes to automation. There are a variety of SAP process control and access control solutions that can monitor transactions, alert on potential SOD conflicts, and facilitate remediation. Companies implementing GRC software stick segregation of duties in IT for obvious reasons: IT handles the Basis administration, which implements the security model They understand security concepts like the principle of least privilege Often, they're the only ones who can make heads or tails of the SAP GRC software output But in reality, sticking segregation of duties in IT is asking for trouble. Why Keep... (more)

Lightboard Lessons: What is a Proxy?

The term ‘Proxy’ is a contraction that comes from the middle English word procuracy, a legal term meaning to act on behalf of another. In networking and web traffic, a proxy is a device or server that acts on behalf of other devices. It sits between two entities and performs a service. Proxies are hardware or software solutions that sit between the client and the server and do something to requests and sometimes responses. In this Lightboard Lesson, I light up the various types of proxies. ps Related: Encrypted malware vs. F5’s full proxy architecture The Concise Guide to Proxies The Full-Proxy Data Center Architecture Three things your proxy can’t do unless it’s a full-proxy Back to Basics: The Many Modes of Proxies ... (more)

Shared Authentication Domains on BIG-IP APM

How to share an APM session across multiple access profiles. A common question for someone new to BIG-IP Access Policy Manager (APM) is how do I configure BIG-IP APM so the user only logs in once. By default, BIG-IP APM requires authentication for each access profile. This can easily be changed by sending the domain cookie variable is the access profile’s SSO authentication domain menu. Let’s walk through how to configure App1 and App2 to only require authentication once. We’ll start with App1’s Access Profile. Once you click through to App1’s settings, in the Top menu, select SSO/Auth Domains. For the Domain Cookie, we’ll set the value to f5demo.com since App1 and App2 use this domain and it is a FQDN. Of course, click Update. Next, we’ll select App2’s Access Profile. Like App1, we select SSO/Auth Domains and set the Domain Cookie value to f5demo.com. To make sur... (more)

Lightboard Lessons: IoT on BIG-IP

As more organizations deploy IoT applications in their data centers and clouds, they’re going to need their ADC to understand the unique protocols these devices use to communicate. In this Lightboard Lesson, I light up how IoT protocol MQTT (Message Queuing Telemetry Transport) works on BIG-IP v13. iRules allow you to do Topic based load balancing along with sensor authentication. And if you missed it, here is the #LBL on What is MQTT? ps Related: Lightboard Lessons: What is MQTT? Security Trends in 2016: Securing the Internet of Things The Intruders of Things The IoT Ready Platform Using F5 BIG-IP with IBM MessageSight ... (more)

High Availability Groups on BIG-IP

High Availability of applications is critical to an organization’s survival. On BIG-IP, HA Groups is a feature that allows BIG-IP to fail over automatically based not on the health of the BIG-IP system itself but rather on the health of external resources within a traffic group. These external resources include the health and availability of pool members, trunk links, VIPRION cluster members or a combination of all three. This is the only cause of failover that is triggered based on resources outside of the BIG-IP. An HA group is a configuration object you create and assign to a traffic group for devices in a device group. An HA group defines health criteria for a resource (such as an application server pool) that the traffic group uses. With an HA group, the BIG-IP system can decide whether to keep a traffic group active on its current device or fail over the traff... (more)

Lightboard Lessons: The BIG-IP Profiles

BIG-IP can manage application-specific network traffic in a variety of ways, depending on the protocols and services being used. On BIG-IP, Profiles are a set of tools that you can use to intelligently control the behavior of that traffic. In this Lightboard Lesson, I light up the BIG-IP Profiles. What they are, what they do and why you should care. ps Related: Lightboard Lessons: BIG-IP Basic Nomenclature Lightboard Lessons: Device Services Clustering ... (more)

Deploy BIG-IP VE in Microsoft Azure Using an ARM Template

Azure Resource Manager (ARM) templates allow you to repeatedly deploy applications with confidence. The resources are deployed in a consistent state and you can easily manage and visualize resources for your application. ARM templates take the guesswork out of creating repeatable applications and environments. Deploy and deploy again, consistently. Let’s walk through how to deploy a simple, single-NIC configuration of BIG-IP VE in Microsoft Azure using an ARM template. First, go to the F5 Networks Github site where we keep our supported templates. There are other community-based templates at www.github.com/f5devcentral if needed but for F5 supported templates, go to the F5 Networks site.   To view Azure templates, click f5-azure-arm-templates. In that folder you’ll see experimental and right under that is supported (the one you want). Then click on the standalon... (more)

Q/A with Betsson’s Patrik Jonsson – DevCentral’s Featured Member for April

Patrik Jonsson lives in Stockholm with his wife and son and works as a network engineer for a company providing online casino games across the world. Outside work, he likes to spend time with his family, play around with his home VMware lab and enjoys watching movies. He also loves travelling and having a beer with friends. Patrik is also a 2017 DevCentral MVP and DevCentral’s Featured Member for April! DevCentral got a chance to talk with Patrik about his work, life and his project the BIG-IP Report. DevCentral: You’ve been a very active contributor to the DevCentral community and wondered what keeps you involved? Patrik: One of the best, and fun ways to learn new things is to take on problems, or discussions presented by fellow technicians. It forces you to continuously challenge what you think you know and keeps your knowledge up to date. In addition, when I ne... (more)

Protecting API Access with BIG-IP using OAuth

As more organizations use APIs in their systems, they’ve become targets for the not-so-good-doers so API Security is something you need to take seriously. Most APIs today use the HTTP protocol so organizations should protect them as they would ordinary web properties. Starting in v13, BIG-IP APM is able to act as an OAuth Client, OAuth Resource Server and OAuth Authorization Server. In this example, we will show how to use BIG-IP APM to act as an OAuth Resource Server protecting the API. In our environment, we’ve published an API (api.f5se.com) and we’re trying to get a list of departments in the HR database. The API is not natively protected and we want APM to enable OAuth protection to this API. First, let’s try an unauthenticated request. You can see we get the 401 Unauthorized response which is coming from the BIG-IP. In this instance we’re only sending 3 header... (more)