F5 on working inside the 'dynamic cloud fabric', safely

F5 Networks used its Agility 2015 conference in Edinburgh this week to launch a new ‘cloud-delivered’ managed service to defend against web application attacks.

The service also aims to “ensure compliance” across dynamic cloud and datacentre environments.

NOTE: F5 it’s almost superfluous that F5 should use the term ‘dynamic’ there i.e. what cloud datacentre is NOT dynamic now? The firm’s stance on application agility inside cloud environments with regard to its iRules product (keep reading down) is testament to this notion. Hence the saying, the cloud is a fabric, not a solid.

But back to the news, the Silverline Web Application Firewall service provides web application firewall (WAF) implementation and policy enforcement capabilities.

The service includes 24×7 support from F5 Security Operations Center (SOC) resources.

It is built on the company’s BIG-IP Application Security Manager product and provides WAF services in both on-premises and subscription-based cloud offerings.

The company’s WAF solutions incorporate cloud resources to protect apps and data from what F5 calls out as “increasingly sophisticated” security attacks, risks and vulnerabilities.

A lesson in web security history

Historically says F5, enforcing web application security and compliance policies across a variety of traditional and cloud environments has meant greater complexity, security gaps and higher costs.

As a result, a number of organisations choose to offload WAF administration and policy management, mitigating attacks that might otherwise lead to application downtime, revenue losses, and a damaged brand.

F5 insists that it is able to leverage its security efficacy to protect against advanced layer 7 attacks (such as those based on geolocation, DDoS, SQL injection, zero-day threats, AJAX applications, JSON payloads, OWASP Top Ten, and others) in this cloud-based service.

These WAF solutions offer automated, self-learning capabilities in a customizable framework that takes advantage of programmable iRules and iApps technologies to rapidly respond and adapt to evolving threats.

“With security needs outpacing the number of qualified WAF experts in the industry, many organisations find themselves under-protected. Silverline solutions expand F5’s fabric-based Synthesis framework to include cloud-delivered services–giving customers the benefit of F5 experts proactively looking after WAF functionality. This approach effectively makes F5 the application security IT engineer for the customer, providing internal personnel the opportunity to focus on other priorities,” said Mark Vondemkamp, VP of security and Silverline technologies, F5 Networks.

Consolidated security functions

With its integrated Silverline offerings, F5 provides a growing number of hybrid, on-premises, and cloud-delivered application security solutions, including focused solutions around WAF, DDoS Protection, IP Intelligence, and Secure Web Gateway Services.

Looking forward, F5 will offer additional services from its BIG-IP product portfolio through the Silverline platform, giving customers freedom and flexibility in how they combine owned, hosted, and managed IT resources.

In the context of broader infrastructures, customers will also be able to centralise policy control and orchestration capabilities through APIs and future integrations with F5 management solutions.


Disclosure: F5 paid for Adrian Bridgwater’s travel costs to attend its EMEA Agility 2015 conference in Edinburgh, Scotland.