-
Allow Regex and Prefix Path Matching for Malware Detection Rules
Malware Detection Rule Path Matching currently allows only exact matches, e.g., /upload. There should be the ability to match with regex (/upload/.*) or prefix match (/upload/) which would allow us to use Malware Scanning on unpredictable sub-paths. -
enable mTLS passthrough or mTLS client certification pinning
I have a customer that is using mTLS with a public CA client cert, this is pinned inside the app and the backed only allows the client cert by verifying the cert. in XC the customer would like to perform the mTLS validation not on the CA but on th... -
Routed DDoS | Firewall Rules to Block ASN and Country
For customer looking to block OFAC and other countries, having the option to block by ASN or "Country" as it is available for the load balancers -
vK8S RE +CE: have the same DNS suffix
A vK8S namespace has different DNS suffix depending on if the POD is hosted on a RE or a CE. The expected behavior is the DNS suffix engineering in the RE: to have the tenant and namespace info, but do not have the CE site name. Could we have the ... -
Monitoring and optimizing purpose. To maintain server performance, ensure system stability, defend against attacks, and provide quality service under varying loads.
CPS can measure how many new connections are established in a given second. It’s important for assessing the load on a server or service, especially in scenarios like web traffic or API usage. Monitoring CPS can help identify bottlenecks and ensur... -
Using ThreadCampaign ID Exclusion in WAF Exclusion Rules
I want to be able to set exclusion by WAF Exclusion Rule for each ThreadCampaign ID. Currently, there is only Enable or Disable, so we cannot handle false detections because we cannot make detailed exclusion settings. -
AppStore (like 'Operator' in OCP) for AppStack
have we considered to have AppStore tool in AppStack? like the 'Operator' portal in OCP, the reasons are: AppStack (Especial mk8s) should be targeting customers who just starts k8s journey while doesnt have resource/experience for full-blown OCP; ...
-
Automated Pen-testing of F5XC using Heyhack before every release.
Heyhack, F5's recent acquisition, is an automated reconnaissance and penetration testing solution. We should integrate Heyhack in our release pipeline. -
API credentials at tenent level
API credentials inherit the same user privileges as the creator, thereby receiving identical Role-Based Access Control (RBAC) permissions. We would like to make this process bind at tenant level not only user -
Support for More then 2 interfaces on XC VMWare based CE
https://gitlab.com/f5/volterra/support/zendesk/-/issues/9027 State of Montana’s use case would require having three or more ethernet interfaces available on customer edge sites/clusters to accommodate desperate routing domains or VRFs. Current cus...
