- 30 January 2013 16:00
F5 Enhances Application Delivery Security with the World’s Fastest Firewall
F5 Networks, Inc. (NASDAQ: FFIV), the global leader in Application Delivery Networking, today announced new security offerings designed to safeguard organisations’ network and application infrastructures. With the introduction of BIG-IP® Advanced Firewall Manager™ and enhancements to other security offerings, F5 provides the industry’s fastest and most scalable application delivery firewall solution. F5’s firewall solution is the first in the industry to unify a network firewall with traffic management, application security, user access management, and DNS security capabilities within an intelligent services framework.
When deployed with F5’s new VIPRION® 4800 hardware, the F5® application delivery firewall solution provides performance levels well beyond what other vendors can offer, including:
• 640 Gbps of firewall throughput • 288 million concurrent sessions • 8 million connections per second
By consolidating the network and security functions of several BIG-IP® modules into an integrated solution, F5 helps organisations reduce management complexity and overhead, while maintaining superior performance and scalability. In support of the F5 application delivery firewall solution, today’s announcement marks significant milestones from a product perspective, including:
• New BIG-IP® Advanced Firewall Manager (AFM™) At the core of F5’s application delivery firewall solution, the BIG-IP Advanced Firewall Manager product is an innovative network firewall built on full-proxy architecture to provide outstanding security. By orienting application security around the applications themselves, F5’s approach simplifies firewall policy management. This application-centric security model leverages F5’s industry-leading application delivery capabilities and intelligence to enhance customers’ overall security posture, while alleviating the complexity associated with mapping application infrastructure to static constructs such as traditional firewall zones.
• Enhancements to BIG-IP Access Policy Manager® (APM®) With support for SAML 2.0, F5 now offers improved single sign-on (SSO) capabilities for web-based, VDI, and client/server applications—whether hosted in corporate data centres or the cloud. In addition, BIG-IP APM offers identity federation across multiple product instances within an organisation, reducing the number of passwords needed by users to access corporate applications. Managing credentials in this way helps customers mitigate security risks and reduces the burden of administrative tasks on IT personnel. • Enhancements to BIG-IP Application Security Manager™ (ASM™) BIG-IP ASM includes several new functions to help businesses strengthen their security posture for web applications and address evolving threats. BIG-IP ASM now features support for applications written with the Google Web Toolkit, meaning security teams can enforce application security policies that use this widely adopted framework. Additionally, BIG-IP ASM can better detect and mitigate clickjacking, a growing web threat that attackers use to trick others into revealing personal information.
“Increasingly, we’re seeing organisations grapple with attacks that target applications, in addition to more conventional network and perimeter threats,” said Mark Vondemkamp, VP of Security Product Management and Marketing at F5. “Because F5 products occupy strategic points of control within the infrastructure, they’re ideally situated to combine traditional application delivery with firewall capabilities and other advanced security services. F5 is committed to a highly scalable and extensible approach for our customers—one that integrates market-leading performance, monitoring, and context-based policy enforcement for superior protection.”
Unifying Application Delivery and Firewall Security in an Intelligent Services Framework To support individual and comprehensive security initiatives, F5’s integrated approach to security enables customers to tailor their environments to address particular needs and priorities. F5’s customisable solutions help organisations:
• Confidently Protect Infrastructures with Unmatched Speed and Scalability With the industry-leading performance of F5 solutions, customers can meet the rising demands driven by increasing numbers of mobile devices and web applications. F5® solutions also provide the processing power to guard the most demanding data centres against denial of service attacks (both volumetric and resource exhaustion threats)—even when those attacks are embedded within SSL.
• Maintain Application Availability, Even in the Face of Attacks F5 products provide customers with secure access to business-critical applications as well as protection from large-scale attacks such as distributed denial of service (DDoS). During a DDoS attack, a customer’s site is inundated with requests from multiple origins in an attempt to overload servers. To mitigate such threats, F5 devices can help identify malicious actions, prioritise how requests from specific locations are handled, and focus on addressing properly qualified requests.
• Simplify Operations to Reduce Administrative Tasks and Costs By aligning firewall security and access policies with the specific applications that organisations rely on, management of security-related rules, actions, and permissions can be simplified considerably with F5’s application delivery firewall. Further, F5’s integrated solutions provide sophisticated logging and reporting capabilities that can be customised on a per application basis across the application delivery infrastructure. This means that network, application, and security teams can easily access the security logs relevant to their tasks without having to rely on a single global logging system for all events. This level of granularity helps organisations and teams improve compliance and planning efforts, while streamlining the monitoring of application, network, and security events. In addition, controlling and logging access to sensitive web-based applications can be unified across private and public clouds with identity federation, consolidating password management and reducing the time IT spends on repetitive tasks.
“F5 is leveraging its strength in application delivery to extend into the firewall market, using its products’ ability to understand and optimise web traffic,” said Jeff Wilson, Principal Analyst at Infonetics Research. “There are a number of use cases where this new product can be deployed with other F5 solutions to better protect applications and optimise their performance at the same time.”
“In adding to its slate of security offerings, F5 is broadening the number of compelling, integrated solutions we can offer to clients,” said Dan Thormodsgaard, VP of Solutions Architecture with FishNet Security. “With the new firewall product in particular, customers can leverage their existing Application Delivery Controller investments to help protect data centre, network, and application resources from emerging threats.”
“Enterprises and service providers are incorporating identity federation to support SSO in growing numbers,” said Avi Saha, VP of Web and Database Services at ADP, one of the world’s largest providers of business outsourcing solutions. “F5’s enhanced BIG-IP products make it easy for organisations to integrate federation and related services to support all access methods—HTTP, HTTPS, SAML, etc.—on a single device. In looking at the market, we don’t see any other vendor that can offer the consolidated functionality of F5.”
All F5 solutions mentioned in this announcement will be orderable in February 2013. Please contact a local F5 sales office for availability in specific countries.
About F5 Networks
F5 Networks (NASDAQ: FFIV) makes the connected world run better. F5 helps organisations meet the demands and embrace the opportunities that come with the relentless growth of voice, data, and video traffic, mobile workers, and applications—in the data centre, the network, and the cloud. The world’s largest businesses, service providers, government entities, and consumer brands rely on F5’s intelligent services framework to deliver and protect their applications and services while ensuring people stay connected. Learn more at www.f5.com.
You can also follow @f5networks on Twitter or visit us on Facebook for more information about F5, its partners, and technology. For a complete listing of F5 community sites, please visit www.f5.com/news-press-events/web-media/community.html.
F5, BIG-IP, Advanced Firewall Manager, AFM, VIPRION, Access Policy Manager, APM, Application Security Manager, and ASM are trademarks or service marks of F5 Networks, Inc., in the U.S. and other countries. All other product and company names herein may be trademarks of their respective owners.
This press release may contain forward looking statements relating to future events or future financial performance that involve risks and uncertainties. Such statements can be identified by terminology such as "may," "will," "should," "expects," "plans," "anticipates," "believes," "estimates," "predicts," "potential," or "continue," or the negative of such terms or comparable terms. These statements are only predictions and actual results could differ materially from those anticipated in these statements based upon a number of factors including those identified in the company's filings with the SEC.
Sign up now »
Manage the complete audit lifecycle from audit universe identification and risk assessment to management/board reporting and quality assurance.
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.