Applies To:Show Versions
These release notes document the version 13.0.0 release of BIG-IP Fraud Protection Service (FPS). You can apply the software upgrade to systems running software versions 11.6.x and 12.x.
- Platform support
- Configuration utility browser support
- User documentation for this release
- Upgrading to BIG-IP 13.0.0 from a previous version
- Fixes, behavior changes, and known issues
- New in 13.0.0
- Contacting F5 Networks
- Legal notices
This version of the software is supported on the following platforms:
|Platform name||Platform ID|
|BIG-IP 6900 FIPS||D104|
|BIG-IP 11050, 11050 NEBS||E102|
|BIG-IP 2000 Series (2000s, BIG-IP 2200s)||C112|
|BIG-IP 4000 Series (4000s, BIG-IP 4200v)||C113|
|BIG-IP 5000 Series (5000s, 5050s, 5200v, 5250v)||C109|
|BIG-IP 7000 Series (7000s, 7050s, 7055, 7200v, 7250v, 7255)||D110|
|BIG-IP 10050 Series (10150s-NEBS, 10350v (AC), 10350v-NEBS, 10350v-FIPS)||D112|
|BIG-IP 10000 Series (10000s, 10050s, 10055, 10200v, 10250v, 10255)||D113|
|BIG-IP 12000 Series (12250v)||D111|
|BIG-IP i2000 Series (i2800)||C117|
|BIG-IP i4000 Series (i4800)||C115|
|BIG-IP i5000 Series (i5600/i5800)||C119|
|BIG-IP i7000 Series (i7600/i7800)||C118|
|BIG-IP i10000 Series (i10600/i10800)||C116|
|VIPRION B2100 Blade||A109|
|VIPRION B2150 Blade||A113|
|VIPRION B2250 Blade||A112|
|VIPRION B4300, B4340N Blade||A108, A110|
|VIPRION B4450 Blade||A114|
|VIPRION C2200 Chassis||D114|
|VIPRION C2400 Chassis||F100|
|VIPRION C4480, C4480N Chassis||J102, J103|
|VIPRION C4800, C4800N Chassis||S100, S101|
|Virtual Edition (VE)||Z100|
These platforms support various licensable combinations of product modules. This section provides general guidelines for module support.
Most of the support guidelines relate to memory. The following list applies for all memory levels:
- vCMP supported platforms
- VIPRION B2100, B2150, B2250, B4200
- VIPRION B4300 blade in the 4400(J100)/4480(J102) and the 4800(S100)
- BIG-IP 5200v, 5250v, 7200v, 7250v, 10200v, 10250v, 10350v, 12250v
Memory: 12 GB or more
All licensable module-combinations may be run on platforms with 12 GB or more of memory, and on VE and vCMP guests provisioned with 12 GB or more of memory. Note that this does not mean that all modules may be simultaneously provisioned on all platforms with 12 GB or more of memory. The BIG-IP license for the platform determines which combination of modules are available for provisioning.
Memory: 8 GB
The following guidelines apply to the BIG-IP 2000s, 2200s, 3900, 6900 platforms, to the VIPRION B4100 and B4100N platforms, and to VE guests configured with 8 GB of memory. (A vCMP guest provisioned with 8 GB of memory has less than 8 GB of memory actually available and thus does not fit in this category.)
- No more than three modules should be provisioned together.
- On the 2000s and 2200s, Application Acceleration Manager (AAM) can be provisioned with only one other module.
- To use Access Policy Manager (APM) and Secure Web Gateway (SWG) modules together on platforms with exactly 8 GB of memory, Local Traffic Manager (LTM) provisioning must be set to None.
Memory: Less than 8 GB and more than 4 GB
The following guidelines apply to platforms, and to VE and vCMP guests provisioned with less than 8 GB and more than 4 GB of memory. (A vCMP guest provisioned with 8 GB of memory has less than 8 GB of memory actually available and thus fits in this category.)
- No more than three modules (not including AAM) should be provisioned together.
- Application Acceleration Manager (AAM) cannot be provisioned with any other module; AAM can only be provisioned standalone.
- Analytics (AVR) counts towards the two module-combination limit (for platforms with less than 6.25 GB of memory).
Memory: 4 GB or less
The following guidelines apply to the BIG-IP 1600 and 3600 platforms, and to VE and vCMP guests provisioned with 4 GB or less of memory.
- No more than two modules may be configured together.
- AAM should not be provisioned, except as Dedicated.
- ASM can be provisioned with this amount of memory, but a sizing exercise should be performed to ensure that it does not hit capacity issues.
vCMP memory provisioning calculations
The amount of memory provisioned to a vCMP guest is calculated using the following formula: (platform_memory- 3 GB) x (cpus_assigned_to_guest/ total_cpus).
As an example, for the B2100 with two guests, provisioned memory calculates as: (16-3) x (2/4) ~= 6.5 GB.
- BIG-IP LTM standalone only
- BIG-IP GTM standalone only
- BIG-IP LTM and GTM combination only
Configuration utility browser support
The BIG-IP Configuration Utility supports these browsers and versions:
- Microsoft Internet Explorer 11.x
- Mozilla Firefox v40, or later
- Google Chrome v44, or later
User documentation for this release
For documentation related to this release, contact the F5 sales team.
Upgrading to BIG-IP 13.0.0 from a previous version
- When upgrading FPS from BIG-IP 12.0.0 or 12.1.0 to 13.0.0, you should delete the mobile security alerts URL (typically /rstats/) and the alert routing iRule on all mobile security profiles.
- Due to changes in malware detection configuration in BIG-IP 13.0.0, after upgrading FPS from BIG-IP 11.6.x, 12.0.0, or 12.1.0, a user-defined malware type is automatically created by the system that contains the malware detection configuration from the previous BIG-IP version. The name of this malware type is general.
Fixes, behavior changes, and known issues
For a comprehensive list of fixes, behavior changes, and known issues for this release, refer to the BIG-IP 13.0.0 Release Information page.
New in 13.0.0
F5 Networks provides Fraud Protection Service (FPS) that detects and protects customer's web sites and mobile apps from fraud attacks, such as malware and phishing. Using layered security, automatic engines, and a 24/7 security operation center (SOC), FPS efficiently detects attacks as they are being set up, monitors the fraudulent activity, and documents the incident. Users can view notifications of fraud incidents by means of alerts sent to the FPS Dashboard.
New FPS features in BIG-IP 13.0.0 include:
Device ID for the client’s computing deviceFPS can now create a fingerprint for identifying the client's browser. This fingerprint is included in alerts sent to the FPS Dashboard or BIG-IQ Logging Nodes.
Improved support for Single Page Applications (SPA)FPS 13.0.0 can perform the following actions on full JSON payloads:
- Identify a username contained in a payload
- Detect data manipulation within a payload
Additional iRules flexibilityFPS 13.0.0 provides additional iRules flexibility so that the various type of FPS detection and protection can be disabled on protected URLs for the current HTTP request. Specifically, the following FPS detection and protection can be disabled: Malware Detection, Phishing Detection, Application Layer Encryption, and Automatic Transactions Detection.
Improved debug troubleshooting for the specific clientDebug logging has been added to FPS 13.0.0. When this feature is enabled, a debug output log is generated encrypted on the client-side and when sent to the Dashboard alert server can be viewed decrypted.
Applying malware detection to user-defined malware typesFPS malware detection has a default set of malware types that it can detect on your anti-fraud profile. If you want FPS to check for a malware type that is not part of its default set, you can now define a malware type using the FPS Malware Configuration settings. You can configure FPS to detect a malware type by means of:
- URLs that the malware can block (domain availability)
- Resources in the client's web browser that can be loaded from the malware (browser cache)
- Baits that can attract the malware
Malware OverviewThe FPS GUI now displays a Malware Overview, per URL, that presents:
- A summary of the types of malware FPS is currently configured to detect on the URL, including user-defined types,
- Which types of malware detection FPS applies to the URL.
Automatic transaction configuration per URLAlmost all Automatic Transaction settings are now configured per URL and not on the profile level. This allows for more variation and flexibility when configuring Automatic Transactions detection on the URLs in your profile.
Cloning a URLIn FPS 13.0.0, you can create a new URL using the Clone button so that the new URL receives exactly the same configuration settings of an existing URL, including all URL parameters. This is useful in situations where the URL of the form action in a page is different than the URL of the page itself, in which case you would need to have the same URL configuration for both URLs.
Mobile Security repackaging detection (encryption enforcement)By applying certain configurations on URL parameters, FPS Mobile Security can now ensure that parameters in an HTTP request coming from a mobile app are encrypted using FPS Application Level Encryption. If the FPS system detects that a parameter value is actually not encrypted when the system expects it to be, its value is nullified.
Keylogger Detection on Android mobile devicesWhen using FPS 13.0.0 with MobileSafe SDK version 22.214.171.124 or later, FPS can detect certain keyloggers based on their characteristics on Android devices.
Contacting F5 Networks
For additional information, please visit http://www.f5.com.
How to Contact F5 Support or the Anti-Fraud SOC
- By phone in the U.S. (accessible 24x7): 888-88askf5 (888-882-7535).
- International contact numbers: http://www.f5.com/training-support/customer-support/contact/.
- The Support Coordinator can contact the SOC as needed.
You can contact the Anti-Fraud SOC as follows:
- By phone in the U.S. (accessible 24x7): 866-329-4253 (Option #3 for Anti-Fraud)
- International contact numbers: https://f5.com/products/platforms/silverline/f5-silverline-ddos-protection
You can find additional support resources and technical documentation through a variety of sources.
- The F5 Networks Technical Support web site: https://f5.com/support
- The AskF5 web site: https://support.f5.com/csp/home
- The F5 DevCentral web site: https://devcentral.f5.com/
- AskF5 Publication Preference Center: https://interact.f5.com/AskF5-SubscriptionCenter.html
F5 Networks Technical Support
Free self-service tools give you 24x7 access to a wealth of knowledge and technical support. Whether it is providing quick answers to questions, training your staff, or handling entire implementations from design to deployment, F5 services teams are ready to ensure that you get the most from your F5 technology.
AskF5 is your storehouse for thousands of knowledgebase articles that help you manage your F5 products more effectively. Whether you want to browse periodically to research a solution, or you need the most recent news about your F5 products, AskF5 is your source.
The F5 DevCentral community helps you get more from F5 products and technologies. You can connect with user groups, learn about the latest F5 tools, and discuss F5 products and technology.
AskF5 Publication Preference Center
To subscribe, click AskF5 Publication Preference Center, enter your email address, select the publications you want, and click the Submit button. You will receive a confirmation email. You can unsubscribe at any time by clicking the Unsubscribe link at the bottom of the email, or on the AskF5 Publication Preference Center screen.
- TechNews Weekly eNewsletters: Up-to-date information about product and hotfix releases, new and updated articles, and new feature notices.
- TechNews Notifications: Periodic plain text TechNews, sent any time F5 releases a product or hotfix. (This information is always included in the next weekly HTML TechNews email.)
- Security Alerts: Timely security updates and ASM attack signature updates from F5.