Emirates NBD Bank
Total years of experience :14 years, 6 Months
Creating standard based ASM templates for internal and external application. Update existing ASM policy to be as per standard templates.
Role: Implementation of new ASM policy and fine tuning existing policy based on standard based templates.
* For new application creating ASM policy in learning mode.
* Once testing is completed to share the learned URL, parameters, File Type, Cookies and attack signatures using scripts, which generates the report in CSV format.
* Once application team confirms the valid URL, parameters, File Types to update the existing policy and put the policy in blocking mode for further fine tuning.
* For existing applications ASM policy to share the current configuration and what ASM settings are not proper.
* Once application teams shares the updated final URLs, file types and parameters to update the existing Policy.
* Fixing any issues find in production and test environment for F5 LTM, GTM and ASM.
* Fine tuning ASM policies for any Block page
1. F5 end to end Automation using Ansible
F5 is acting as a load balancer and the entry point for OMA POC solution. I was responsible for creating virtual server and Wide-IP configurations in F5. SIP signaling and voice media packets and HTTP traffic flows through F5.
F5 has to be DNS server responding to DNS queries, load balancer and to provide protection to the backend server by throttling message more than the configured limit on different virtual server types.
Role:
* Design and implementation of SIP, Media and HTTP virtual servers and other virtual servers needed for OMA POC solutions
* Complete understanding of configuration files like bigip.conf, bigip_gtm.conf and bigip_base.conf. Can able to manipulate these files to bring configuration change which was not feasible through GUI or tmsh commands. I have enough confidence to play with these files.
* After the first outage was responsible for writing iRule which has to respond to most of client request and was implemented within 2/3 weeks in production.
* Troubleshooting of any issues in F5 and to resolve the issue with provided logs and packet capture
* Written complex iRules for SIP, so that F5 acts as a proxy and provides Full cone NAT support.
* Made the SIP virtual server DoS protected using iRules.
* HTTP Method level Throttling for HTTPS virtual servers using iRules.
* Traffic testing for different virtual servers.
* Any issues in production system to give RCA for the issue.
* Was involved identifying the list of IP address which are involved in DOS attack on Media virtual servers and adding those IP address in to Black Listed IP address list using packet filters
* Provided a script which can analyze a packet capture file and identify the IP address that may have involved in DoS attack.
Initial role was design, development and unit testing of OMA Presence server.
* Later moved into design and implementation of various virtual servers for SIP, Media and HTTP servers using iRules in F5
1. OMA Presence Server
5. Maintenance of Load (MoL) of
4.
Product
Automating most of the repetitive day to day task
Role: Automating LTM / ASM configurations and learning ASM suggestion using Ansible/Python
LTM:
* For LTM created automation framework with which we can automate almost all the LTM related configuration like Virtual servers, Pools, Profiles (HTTP, TCP SSL profile, persistence profiles) Monitors
* Take input in CSV file with details like VS IP, Pool member IP, Monitor string etc and create all configuration required to create a virtual server
ASM Policy creation:
* For new setup create ASM policy from templates.
* To migrate existing setup from Test environment to production environment. Download ASM policy from Test environment and upload it in production environment along with virtual server creation.
ASM Policy learning:
* In Test environment which are in learning mode developed script to download all the ASM suggestions in CSV format.
* After reviewing and updating suggestion to add in CSV file. Execute the script to add the suggestion to ASM Policy
* For special characters, attack signatures and violations sharing the CSV file with security team for approval.
* After approval executing to add the approved suggestion to ASM policy
ASM Block page display:
* To minimize number of request from application team to know why the request was blocked created a webpage
*The webpage is served by python script which gets support-ID and using REST API fetch all relevant details why the request is blocked
* Renders the details in JSON format.
* Application team can directly request security team for required approvals.
* This minimizes the number for request we receive just to download the support ID page from ASM logs
courses: F5 Certified Administrator (F5-CA) * F5 Certified Technology Specialist – LTM (F5-CTS-LTM) * F5 Certified Technology Specialist – GTM (F5-CTS-GTM)
(
