Virtualization Technology News and Information
F5 Launches Advanced WAF for Multi-Cloud App Security

Coinciding with the ACSC conference this week, F5 Networks is announcing its Advanced Web Application Firewall solution for comprehensive application protection. With industry leading security capabilities to guard against evolving application threats, F5 is adding to its growing portfolio of integrated and standalone solutions specifically designed for app security.

F5's Advanced WAF supports a variety of consumption and licensing models, including a per-app basis, as well as perpetual, subscription, and utility billing options for ultimate flexibility in the cloud and the data center. This helps SecOps better collaborate with modern DevOps and NetOps teams to easily deploy app protection services in any environment that can be configured for individual applications or en masse. F5's holistic approach to application security reduces management complexity, decreases OpEx, and efficiently delivers services to neutralize attacks.

Already a leader in the Web Application Firewall space, this new solution pushes F5 far beyond competitive products, also enhancing the company's self-service WAF Express and managed Silverline WAF offerings. As examples of its differentiated functionality, F5's Advanced WAF gives customers:

  • Superior protections against credential theft and abuse
  • The only WAF with comprehensive mitigation of web and mobile bot threats
  • Layer 7 DDoS detection using machine learning and behavioral analytics for high accuracy
  • The market's most scalable WAF solution

"Recent research from F5 Labs revealed that applications are the initial targets in the majority of breaches, suggesting that any app can be an attack vector," said Ram Krishnan, SVP and General Manager of the Security business unit at F5. "Cybercriminals are using sophisticated application-layer exploits, as well as an emerging wave of automated, bot, and IoT-based threats that are quite capable of evading simple signature or reputation-based detection. F5 offers the most complete application protection, with Advanced WAF as a foundational technology that can be deployed, managed, and consumed in the manner that best suits our customers."

Industry Leading Threat Protection for Every App

In today's economy, application health is synonymous with revenue. Beyond basic services such as protection against the OWASP Top 10, F5 now enables the same enhanced WAF capabilities in the cloud as it traditionally has in its on-premises solutions. Advanced WAF dynamically protects apps with anti-bot capabilities, stops credential theft using keystroke encryptions to guard against keyloggers, and extends app-layer DDoS detection and remediation for all apps through a combination of machine learning and behavioral analysis. For dedicated DDoS protection, F5 also offers an updated version of DDoS Hybrid Defender, with market leading price/performance and new capabilities that operationalize DDoS functionality and significantly optimize ‘time to identify' and ‘time to mitigate' response metrics.

Scalable Defense to Promote Business Innovation and Agility

Advanced WAF enables F5 customers to deploy essential app security for multiple cloud platforms-private and public-while also promoting service portability through microservices and container use cases. Taking advantage of automated security policy capabilities, the solution helps organizations shorten deployment times for new apps with easy to use cloud templates for AWS, Google, and Azure environments. This approach gives companies the freedom to grow their on-premises and cloud infrastructures according to business priorities, with the confidence that their apps will be protected without being tied to any individual deployment model or particular cloud platform.

Security Expertise for Comprehensive Detection and Remediation

To further supplement its impressive product capabilities, F5 solutions are backed by an extended set of adjacent security programs and offerings. These include threat research and analysis from F5 Labs, rapid response capabilities from F5's world-class Security Incident Response Team (SIRT), and dedicated global attack mitigation through the company's Security Operations Center (SOC) locations. These resources provide proactive, 24x7 threat monitoring and reporting to protect organizations from pervasive threats such as malware, phishing, and web fraud. In parallel, F5 Professional Services deliver guidance on the best ways to architect, implement, maintain, and optimize security solutions for any deployment scenario.


F5 Advanced WAF and DDoS Hybrid Defender are available now, with new security features incorporated as released.

Published Tuesday, April 10, 2018 6:20 PM by David Marshall
Filed under:
F5 Launches Advanced WAF for Multi-Cloud App Security - EMC VMAX - (Author's Link) - April 11, 2018 3:51 AM
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<April 2018>