SYS-CON MEDIA Authors: Elizabeth White, Yeshim Deniz, Roger Strukhoff, Jason Bloomberg, Pat Romanski

Blog Feed Post

DevCentral’s Featured Member for July – Rhazi Youssef

youssefOur Featured Member series is a way for us to show appreciation and highlight active contributors in our community. Communities thrive on interaction and our Featured Series gives you some insight on some of our most active folks.

Rhazi Youssef has been a very active DevCentral member since 2012 and the third engineer we’ve featured from e-Xpert Solutions SA. Initially Rhazi was a bit reluctant to participate as he’s a quiet, humble guy and we’re thrilled that he’s DevCentral’s Featured Member for July!

Let’s learn a bit more about Rhazi.

DevCentral: Please explain to the DevCentral community a little about yourself, what you do and why it’s important.

Rhazi: I’m a security engineer since 2009 working in Geneva (Switzerland), a region with several security projects involving F5 BIG-IP (GTM, LTM, ASM, APM). My interest began early when I started and installed several security equipment like Mail relay, FW, SIEM&SEM, web proxy…

But I admit that my job became more interesting when I started to approach the application part. I am talking about WAF (ASM), perimeter security (APM), LTM (LB, optimization,)…

I immediately bonded with this product since it is very rich, complete and scalable with its time. It is for this reason that I invested heavily on this product by passing for example all my certificates which gives me today the title of “Security Solution Expert” (401).

DC: You are a very active contributor in the DevCentral community. What keeps you involved?

RY: First off, like everyone else I admit that Devcentral has already allowed me to get out of trouble and not just once, and I thank the community for this. The DevCentral community is very much involved in sharing, helping and informing members. This work done by the community helped me a lot in my work (I upgraded my skills) so I think it is normal for me to give back to the community that helped me…and offer advice that will help with experience and knowledge the community to move forward.

My investment in the community is even easier since F5 is a product that is very important to me. Today I work primarily on F5 BIG-IP (APM, ASM, LTM, GTM, WebSafe) which allows me to have an important experience on the potential problems that one can meet during a deployment, so it’s the least of the things to help the community when I can.

DC: Tell us a little about the areas of BIG-IP expertise you have.

RY: These last 6 years I worked mainly on F5, I had the chance to work with some very great customers that I cannot mention :-). I deployed all types of hardware until VIPRION. And today I work on almost all of the BIG-IP modules (ASM, APM, LTM, GTM, VCMP, LC, WebSafe).

The advantage with F5 is that you cannot get tired of this product. It is rich, complete and scalable. For example the APM that allowed me to meet the needs of our customers by going from the identity federation (SAML) to Oauth&OpenID connect. But still it’s the same thing for ASM and other modules. We do not say it often enough but this product allows us to be up to date in terms of security; I’m talking about authentication protocols that the APM offers, different security methods carried by the ASM … all these aspects allow us to maintain our level and to learn …

DC: You are a Sr. Security Engineer with e-Xpert Solutions SA. Can you describe your typical workday, how you manage work/life balance and the strong support of F5 solutions?

e-xpertRY: As everyone knows the job of Security Engineer is not easy. We must manage several clients, several projects, manage customer support, communicate with clients (vulnerabilities, news), schedule management, project tracking,…

So every morning I spend quite some time to manage my emails, my calendar and answer to my customers. I am registered to F5 RSS feed, which keep me updated on CVE, I also follow many f5 webinars (I usually watch them later when they are online).

At e-Xpert solutions I am product manager of F5 solution, so I have to inform my colleagues about vulnerabilities or any new features, I must also regularly write news that we publish on our website. The other PMs do the same thing with their own products which also allows me to be informed about the other products of our portfolio.

During my working day I connect regularly to DevCentral when I have some time to help or learn about some interesting topics. For me, helping the community is not binding. On the contrary, certain questions allow us to update ourselves on certain subjects and to exchange on our different points of view.

I finished my work day in the evening by doing a small check of my mails and a pass on my usual information sites which included DevCentral. I almost forgot I work out every 3 days and I try to run at least every 2 days (no excuse for gym time!).

If you are interested, here is the website of the company in which I evolve:

DC: You have a number of F5 Certifications. Why are these important to you and how have they helped with your career?

RY: 8 months ago I had my last certification “Security Solution Expert” (401). Having all these certifications was very important to me. First of all in order to guarantee a high level of expertise to our customer. Moreover this certification process obliges us to study and consequently to update us on the different modules.

These certifications are like a quality label, our customers appreciate when the engineers who intervene has the higher level of certification.

Moreover with the experience that I have, I think that the passage of these certifications allow us to have a richer view of the product and consequently to propose to our customers the best possible alternatives according to their needs.

DC: Describe one of your biggest BIG-IP challenges and how DevCentral helped in that situation.

RY: DC allowed me several times to solve the different problems I encountered. Things that seem simple to me today but that was not at the time I posted them and caused me quite some problems (Kerberos delegation, Kerberos authentication, Sideband, DDOS using iRule with session table …).

I remember that I had to set up a perimeter of security to protect an application using the APM (I know it looks pretty simple). But I realized that the application was contextual (Web and JNLP) and that the APM session cookies were not propagated on to other contexts, so JNLP part could not connect.

I will not go into the technical details but I had to create an iRule that used a table of correspondence between the cookie APM and the JNLP JSessionID that I stocked in a table session. Later I made an SSO on the backend application using the sideband (SSO profiles APM was not suitable). DC allowed me to build my iRule and sincerely without DC I would have had a lot of trouble and it would have taken me took a lot of time. And lastly DC allowed me to set up a fakeadfs using iRulesLX (and without DC, I do not think I could have done it alone).

DC: Finally, if you weren’t an IT admin – what would be your dream job? Or better, when you were a kid – what did you want to be when you grew up?

RY: When I was little and did not have school I spent my whole day on the football fields. I could play for 6 hours of suites without stopping. I loved football and I still do. So as you guessed I wanted to become a professional. But reality has taken over the dreams. Growing up I discovered computer science I started to build/dismantle my pc to add ram, change the hard drive, buy new graphics card for games… and little by little, I ended up in IT and I really do not regret it, but I admit that if I could have had the career of Ronaldo and also his salary I would not have mind either.

Thanks Rhazi!

Check out all of Rhazi’s DevCentral contributions, connect on LinkedIn and follow e-xpert Solutions on LinkedIn.

If there is a DevCentral member you think should be featured, let us know in the comments section!

Read the original blog entry...

More Stories By Peter Silva

Peter is an F5 evangelist for security, IoT, mobile and core. His background in theatre brings the slightly theatrical and fairly technical together to cover training, writing, speaking, along with overall product evangelism for F5. He's also produced over 350 videos and recorded over 50 audio whitepapers. After working in Professional Theatre for 10 years, Peter decided to change careers. Starting out with a small VAR selling Netopia routers and the Instant Internet box, he soon became one of the first six Internet Specialists for AT&T managing customers on the original ATT WorldNet network.

Now having his Telco background he moved to Verio to focus on access, IP security along with web hosting. After losing a deal to Exodus Communications (now Savvis) for technical reasons, the customer still wanted Peter as their local SE contact so Exodus made him an offer he couldn’t refuse. As only the third person hired in the Midwest, he helped Exodus grow from an executive suite to two enormous datacenters in the Chicago land area working with such customers as Ticketmaster, Rolling Stone, uBid, Orbitz, Best Buy and others.

Writer, speaker and Video Host, he's also been in such plays as The Glass Menagerie, All’s Well That Ends Well, Cinderella and others.

Latest Stories
Industry after industry is under siege as companies embrace digital transformation (DX) to disrupt existing business models and disintermediate their competitor’s customer relationships. But what do we mean by “Digital Transformation”? The coupling of granular, real-time data (e.g., smartphones, connected devices, smart appliances, wearables, mobile commerce, video surveillance) with modern technologies (e.g., cloud native apps, big data architectures, hyper-converged technologies, artificial in...
In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and simple way to introduce Machine Leaning to anyone and everyone. He solved a machine learning problem and demonstrated an easy way to be able to do machine learning without even coding. Raju Shreewastava is the founder of Big Data Trunk (, a Big Data Training and consulting firm with offices in the United States. He previously led the data warehouse/business intelligence and Bi...
Codete accelerates their clients growth through technological expertise and experience. Codite team works with organizations to meet the challenges that digitalization presents. Their clients include digital start-ups as well as established enterprises in the IT industry. To stay competitive in a highly innovative IT industry, strong R&D departments and bold spin-off initiatives is a must. Codete Data Science and Software Architects teams help corporate clients to stay up to date with the mod...
The Japan External Trade Organization (JETRO) is a non-profit organization that provides business support services to companies expanding to Japan. With the support of JETRO's dedicated staff, clients can incorporate their business; receive visa, immigration, and HR support; find dedicated office space; identify local government subsidies; get tailored market studies; and more.
Tapping into blockchain revolution early enough translates into a substantial business competitiveness advantage. Codete comprehensively develops custom, blockchain-based business solutions, founded on the most advanced cryptographic innovations, and striking a balance point between complexity of the technologies used in quickly-changing stack building, business impact, and cost-effectiveness. Codete researches and provides business consultancy in the field of single most thrilling innovative te...
CloudEXPO has been the M&A capital for Cloud companies for more than a decade with memorable acquisition news stories which came out of CloudEXPO expo floor. DevOpsSUMMIT New York faculty member Greg Bledsoe shared his views on IBM's Red Hat acquisition live from NASDAQ floor. Acquisition news was announced during CloudEXPO New York which took place November 12-13, 2019 in New York City.
With the introduction of IoT and Smart Living in every aspect of our lives, one question has become relevant: What are the security implications? To answer this, first we have to look and explore the security models of the technologies that IoT is founded upon. In his session at @ThingsExpo, Nevi Kaja, a Research Engineer at Ford Motor Company, discussed some of the security challenges of the IoT infrastructure and related how these aspects impact Smart Living. The material was delivered interac...
Atmosera delivers modern cloud services that maximize the advantages of cloud-based infrastructures. Offering private, hybrid, and public cloud solutions, Atmosera works closely with customers to engineer, deploy, and operate cloud architectures with advanced services that deliver strategic business outcomes. Atmosera's expertise simplifies the process of cloud transformation and our 20+ years of experience managing complex IT environments provides our customers with the confidence and trust tha...
In his session at 23rd International CloudEXPO, Raju Shreewastava, founder of Big Data Trunk, will provide a fun and simple way to introduce Machine Leaning to anyone and everyone. Together we will solve a machine learning problem and find an easy way to be able to do machine learning without even coding. Raju Shreewastava is the founder of Big Data Trunk (, a Big Data Training and consulting firm with offices in the United States. He previously led the data warehouse/busine...
CloudEXPO has been the M&A capital for Cloud companies for more than a decade with memorable acquisition news stories which came out of CloudEXPO expo floor. DevOpsSUMMIT New York faculty member Greg Bledsoe shared his views on IBM's Red Hat acquisition live from NASDAQ floor. Acquisition news was announced during CloudEXPO New York which took place November 12-13, 2019 in New York City. Our Silicon Valley 2019 schedule will showcase 200 keynotes, sessions, general sessions, power panels, and...
ShieldX's CEO and Founder, Ratinder Ahuja, believes that traditional security solutions are not designed to be effective in the cloud. The role of Data Loss Prevention must evolve in order to combat the challenges of changing infrastructure associated with modernized cloud environments. Ratinder will call out the notion that security processes and controls must be equally dynamic and able to adapt for the cloud. Utilizing four key factors of automation, enterprises can remediate issues and impro...
Intel is an American multinational corporation and technology company headquartered in Santa Clara, California, in the Silicon Valley. It is the world's second largest and second highest valued semiconductor chip maker based on revenue after being overtaken by Samsung, and is the inventor of the x86 series of microprocessors, the processors found in most personal computers (PCs). Intel supplies processors for computer system manufacturers such as Apple, Lenovo, HP, and Dell. Intel also manufactu...
When you're operating multiple services in production, building out forensics tools such as monitoring and observability becomes essential. Unfortunately, it is a real challenge balancing priorities between building new features and tools to help pinpoint root causes. Linkerd provides many of the tools you need to tame the chaos of operating microservices in a cloud native world. Because Linkerd is a transparent proxy that runs alongside your application, there are no code changes required. I...
BMC has unmatched experience in IT management, supporting 92 of the Forbes Global 100, and earning recognition as an ITSM Gartner Magic Quadrant Leader for five years running. Our solutions offer speed, agility, and efficiency to tackle business challenges in the areas of service management, automation, operations, and the mainframe.
The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete at launch. DevOps may be disruptive, but it is essential. DevOpsSUMMIT at CloudEXPO expands the DevOps community, enable a wide sharing of knowledge, and educate delegates and technology providers alike.