Thursday, March 14, 2019

A10 Load Balancers - Aflex to inspect payload

Hey everyone,

I'm reading through the A10 AFlex guide right now and have done the normal items of redirecting 80 to 443 and some URI redirection. What I am thinking about doing is having the A10 inspect the payload for a certain string.

We terminate SSL connections on the front side of the a10 and then decrypt it from a10 to the web servers from the inside interface. So I would ideally be able to put this on the inside interface.

I have a certain user agent string that I am looking to identify in our traffic and attempting to sniff it out with a non network grade sniffer has been difficult.

Has anyone ever done anything like this before? I know the load of this might put some stress on the A10 but this is likely my best bet.



No comments:

Post a Comment