I am stating the obvious here I know, but how many of you out there have worked at places where people guard their security knowledge like it’s KFC’s secret recipe for chicken?  Have you ever had to work with a security expert that can tell you every law of governance, but never truly explain WHY those laws are in place?  Ever talk to a business partner not in I.T. that just didn’t get why the web applications needed to be protected by a web application firewall or why ALL the ports on the firewall couldn’t be opened up?  I talked to a large number of people that worked at well known companies and each said that is the case where they work.  Of the group I talked to it was about 50% from the business arena and 50% from the IT side of the house, but they were all there for a common goal….

The SecureWorld Expo is a place where people can go to learn the WHY.  Not just I.T. folks, but people from all aspects of business as well.  They can talk to industry leaders and experts about things that are going down past, present and future.  It is all about translation and communication of the most up-to-date information available.  How up-to-date is the information that is covered?  The second day of the expo, the speaker Dan Greer came out to the podium and started talking about the SSL Man-in-the-Middle Renegotiation story that just broke in the news.  I have to say my hats off to the folks in the DevCentral community to, shortly thereafter, a way to mitigate the attack showed up on DevCentral (Lupo, thanks for your contribution!)… it can be found in the forums at http://devcentral.f5.com/Default.aspx?tabid=53&forumid=5&postid=86456&view=topic

Other than the open sharing and exchange of knowledge, the excellent speakers, free vendor loot and good food, the other thing that is great about the SecureWorld Expo is the fact that you get CPE credits for attending the various events.  Depending on the events that you sign up for you can either earn a 12 CPE or a 16 CPE Certificate of Attendance.  This is outstanding for those that have CPE requirements to meet and keep up with.  Not only can you obtain a lot of CPE’s in a short time, but it is also very cost effective.  You definitely get more bang for your buck at a SecureWorld event than you do at many others.

So what was covered in this “Nexum LTM Workshop”?  Quite a bit actually and it was all very well planned out.  The workshop was lead by a gentlemen named Peter Maag, who is a Senior Security Expert with Nexum.  I believe that part of what made this event so much fun for me was that it was obvious that Mr. Maag knew his stuff and (of course) I like talking about the capabilities of the BIG-IP line. 

Peter began by giving a brief introduction, explaining who he was and the services provided by Nexum.  I have to admit that I was unaware that Nexum was such a versatile company.  I believe it is so versatile and one of the fastest growing private companies because of them hiring and keeping talent like Mr. Maag around.  But that is a different philosophical discussion that perhaps I will touch on at some other time.  If I ever take up being a philosopher.

Then after the intro… it was f5 time!  For those in the audience not familiar with the BIG-IP product line Peter gave an overview of products available from f5 Networks.  He took the time to provide a clear picture of each modules functionality and I feel that he did the products justice.  He then steered the presentation to the real meat of the workshop which was the LTM module.  Virtual Servers, Pool Members and Nodes were all explained as well as the basics of configuring load balancing.  We spent some time discussing the full proxy architecture of the LTM module and we where then guided through a load balancing demo.

This lead into a discussion about monitors, persistence profiles, SSL termination and ended with a demo over those concepts.  There were a few questions at this point, as members of the audience asked questions such as “How long are self signed certificates valid for if they are generated on the f5 BIG-IP?” and “What are the different methods available for Cookie Persistence?”.  All of which were answered concisely and followed up with live demonstrations performed on a BIG-IP unit running TMOS version 10.x.  How cool is that?

We then went into a discussion about iRules.  Peter provided a number of examples of how to use iRules to pull off complicated tasks very easily.  In one example he showed how you could direct web traffic coming from an iPhone to a different set of servers than the ones used to serve up content to standard desktop browsers.  To augment the workshop Nexum provided an excellent booklet which just so happens to have a very handy page that lists almost all of the iRule Events that can be used in iRule generation.

We went over several other things, but the jest of this entry isn’t to really rehash everything that we covered.  The purpose is to encourage everyone using the LTM module to go check one of these workshops out.  Peter Maag did a phenomenal job explaining things for newcomers and veterans alike, which is not an easy thing to do.  To summarize, if you have just recently purchased an f5 BIG-IP product or are looking into purchasing one, attend one of these workshops.  You will walk away a wiser person and I cannot think of a better way to sell someone on f5 BIG-IP products.  Once you see it in action you will be wondering why you have stuck with Brand X for so long.

My next entry will be over the value of attending the SecureWorld Expo.  Is it worth the cost if you had to pay for it out of your own pocket?  What are the driving reasons for one to attend such an event?  I will be asking those questions and more soon and you may be surprised by my conclusions.  Stay tuned.

What a great way to segway into my first SecureWorld Expo blog entry!  Be afraid, be very afraid…  I am just kidding of course.  The Expo was excellent and I walked away from the event a wiser person.  It definitely helped me look at things differently and as Ralph Waldo Emerson once said, “Fear always springs from ignorance.” 

Man, oh man.  I think I may have committed a blunder of cosmic proportions.  Are you allowed to quote Yoda and Emerson in the same blog post?  Yes? No?  Anway, moving on…

The Expo started off with an awesome keynote by a very nice man named Jeff Bardin.  His topic was “Extremist Online Social Networks – Jihadis” and I was enthralled the whole time.  The banners that he had up on his very first presentation slide are the same web site banners that I have helped keep off of our network up at work.  When I saw those banners, I knew that he was going to be talking about a topic that hit close to home.

After taking the stage Mr. Bardin began explaining how Jihadis use resources provided by many American companies against America.  He talked about the Madrid train bombings, how Jihadis are using software like vBulletin and hacked copies of various software suites to pull off all kinds of nefarious acts.  He also discussed with great clarity how Jihadis are continuing to demonstrate their technical prowess.

Now I will not provide any more information about his presentation other than that.  Not because I do not want others to have the information, but because I cannot do the subject justice.  Mr. Bardin is an expert in his field and has spent countless hours researching, compiling information and teaching others.  I do not wish to diminish his work in any form or fashion.  Check out that link that I provided and the one at the bottom of this post for more information.

I would advise anyone, if Mr. Bardin is speaking at an event within a 12 hour driving distance, make the drive.  It really was that good.

After his presentation he stayed for a while answering questions.  I waited in the background for a bit, allowing others to ask questions as I listened in an attempt to take in as much information as I could.  When I did finally open my mouth he kindly gave me a his business card and answered all of the questions I had.  Anybody that will go out of there way to answer questions and share knowledge like Mr. Bardin did is a good man in my book.

For those seeking more information about Jeff Bardin and Treadstone 71, here is a link to some great information that will save you a trip to Google: http://blogs.csoonline.com/user/jeff_bardin

So what is coming up next?  Well I can’t go to long without talking about the F5 BIG-IP product line!  I am The F5 Guy after all.  My next post will be about the Nexum LTM Workshop that was lead by Peter Maag.