Haiyan Song (F5)
F5 Networks has rolled out an integrated, cloud-based security platform and services aimed at protecting widely distributed enterprise applications.
The vendor used its Agility conference this week to introduce its overarching Distributed Cloud Services platform, which will bring together security technologies from recent acquisitions, including Threat Stack, Volterra, and Shape Security, plus its own web-application firewall and other components to offer an integrated, secure, distributed application-management platform for on-premises or cloud deployment.
“Modernising apps includes transformational actions such as leveraging microservices, using multiple clouds and edge locations instead of a single cloud provider, and utilising API-based communication to connect workloads and data,” wrote Haiyan Song, executive vice president and general manager of F5’s Security & Distributed Cloud Product Group in a blog about the new services.
“Resources are taxed — especially security teams, and modernisation efforts are putting increasing pressure on most organisations’ security postures. Apps are evolving fast; security teams and technologies need to keep pace — this is easier said than done.”
An overriding goal is to reduce the complexity of app deployments and facilitate network modernisation, Song stated.
The first Distributed Cloud Services service — F5 Distributed Cloud WAAP (Web application and API protection) — includes the vendor’s web application firewall, bot mitigation, and DDoS- and API-protection capabilities. It will provide a single console for enabling enforcement of consistent security policies to applications wherever they need to be deployed.
Specifically, the service utilises F5’s Distributed Cloud WAF that offers signature- and behaviour-based protection for web applications. It inspects application requests and responses to block and mitigate a broad spectrum of risks culled from the Open Web Application Security Project (OWASP) Top 10 threats, including malicious users and more, according to Mark Weiner, vice of product marketing, security, and distributed cloud at F5.
It also features API security through F5’s Distributed Cloud API With automatic API discovery that can identify and map API endpoints to any app as well as provide support for a positive security model. With it, organisations can observe, refine, and enforce proper API behaviour, Weiner stated.
F5 Distributed Cloud Bot Defense manages and deflects malicious automation to prevent sophisticated, human-emulating attacks. It brings together unified telemetry, network intelligence, and AI/ML with human analysis to identify and defend against automated threats such as credential stuffing and account takeover, Weiner stated
Another component, F5 Distributed Cloud DDoS Mitigation, offers Layer 3-7 distributed denial-of-service (DDoS) protection to block spoofed and malformed traffic, request floods, and other forms of abuse that attempt to overload web properties and apps, Weiner stated.
