UDF Lab Environment

F5 WAAP & Bot Protection Demo

A purpose-built demo application running in F5 UDF for demonstrating F5 Web Application & API Protection, Bot Defense, and security capabilities.

πŸ›‘οΈ F5 Distributed Cloud WAAP πŸ€– Bot Defense πŸ“„ API Security ☁️ Running on UDF ☸️ Kubernetes
Environment
Platform:F5 UDF
|
Runtime:Kubernetes v1.31.14
|
Backend:10.1.1.6:32206
|
XC Domain:syu-demo-app.cloud.myf5demo.com
|
CE Sites:syu-udf-ce-1 / syu-udf-ce-2
πŸš€ Demo Features
πŸ”
Auth Demo
Login Page
Simulate credential-based attacks, brute force, and credential stuffing scenarios for F5 Bot Defense demos.
Open Login β†’
πŸ”
Visibility
Request Inspector
View real-time client request details β€” headers, IP, user-agent, bot signals, and fingerprinting data.
Inspect β†’
⚠️
WAF Testing
WAF Test Page
Send common attack payloads β€” SQLi, XSS, Path Traversal, XXE, CMDi β€” to test F5 WAF detection and blocking.
Test WAF β†’
πŸ€–
Bot Defense
Bot Simulator
Generate bot traffic patterns β€” scraping, credential stuffing, API harvesting β€” to demo F5 Bot Defense capabilities.
Simulate β†’
πŸ“„
API Security
REST API
Sample REST API endpoints for demonstrating F5 API Discovery, API Protection, and XC API Security features.
View API β†’
πŸ“Š Environment Details

πŸ–₯️ UDF Lab Setup

EnvironmentF5 UDF
OSUbuntu 24.04 LTS
Outside IP10.1.1.6
Inside IP10.1.10.6
App NodePort32206

☸️ Kubernetes

Versionv1.31.14
CNIFlannel
Replicas2
IngressNGINX Ingress Controller
StatusRunning

☁️ F5 Distributed Cloud

CE Site 1syu-udf-ce-1
CE Site 2syu-udf-ce-2
Connected REwes-sea / sv10-sjc
LB Domainsyu-demo-app.cloud.myf5demo.com
StatusActive

πŸ›‘οΈ F5 Security Stack

WAAPXC Distributed Cloud
WAFXC WAF / NGINX App Protect
Bot DefenseXC Bot Defense
API SecurityXC API Security
DDoSXC DDoS Mitigation