This repo demonstrates many of the security service configurations as well as examples of how to replace iRules in XC using Service Policies and L7 Routes.

• HTTP Load Balancer
  • IP Reputation
  • Dataguard
  • Source IP Stickiness
• TCP Load Balancer
  • SSH Load Balancer
  • Source IP Stickiness
• UDP Load Balancer
  • DNS Load Balancer
• WAAP / WAF
  • Blocking
  • Default Detection
  • Threat Campaigns
  • Default Bot
• Service Policy
  • Allow IPv4 Prefix
  • Deny by ASN
  • Deny by Country List
  • Deny by Header
  • Deny by IP Reputation
• Routes
  • Simple
  • Redirect [iRule Replacement: HTTP::redirect]
  • Direct Response [iRule Replacement HTTP::respond]
  • Custom
  • [HEADER] [iRule Replacement] Accept-Language Based Redirects
  • [HEADER] [iRule Replacement] WWW-Authenticate NTLM Killer
  • [Rewrites] [iRule Replacement] URI Rewriting
  • [Rewrites] [iRule Replacement] Manual Host Rewriting
  • [iRule Replacement: Pool Command] when HTTP_REQUEST { set uri [HTTP::uri] if { $uri ends_with ".gif" } { pool my_pool }
• Bot Standard
  • POST /login/ protection
  • GET / Web Scraping protection
• Rate Limiting
• Client Side Defense
• App Type & App Settings (ML)
  • User Behavior Analysis (Malicious User Detection)
  • API Discovery
  • [DDoS] Time Series Analysis

Map the VES P12 Password to ENV Var

. ./prep.sh

Deploy

terraform init
terraform plan
terraform apply

Destroy

terraform destroy

Bugs and enhancements can be made by opening an issue within the GitHub repository.