New application delivery firewall solution safeguards customers’ applications, data, and users and provides industry-leading performance
F5 Networks, Inc. (NASDAQ: FFIV), the global leader in Application Delivery Networking, has announced new security offerings designed to safeguard organisations’ network and application infrastructures. With the introduction of BIG-IP® Advanced Firewall Manager™ and enhancements to other security offerings, F5 provides the industry’s fastest and most scalable application delivery firewall solution. F5’s firewall solution is the first in the industry to unify a network firewall with traffic management, application security, user access management, and DNS security capabilities within an intelligent services framework.
When deployed with F5’s new VIPRION® 4800 hardware, the F5® application delivery firewall solution provides performance levels well beyond what other vendors can offer, including:
- 640 Gbps of firewall throughput
- 288 million concurrent sessions
- 8 million connections per second
By consolidating the network and security functions of several BIG-IP® modules into an integrated solution, F5 helps organisations reduce management complexity and overhead, while maintaining superior performance and scalability. In support of the F5 application delivery firewall solution, today’s announcement marks significant milestones from a product perspective, including:
- New BIG-IP® Advanced Firewall Manager (AFM™)
At the core of F5’s application delivery firewall solution, the BIG-IP Advanced Firewall Manager product is an innovative network firewall built on full-proxy architecture to provide outstanding security. By orienting application security around the applications themselves, F5’s approach simplifies firewall policy management. This application-centric security model leverages F5’s industry-leading application delivery capabilities and intelligence to enhance customers’ overall security posture, while alleviating the complexity associated with mapping application infrastructure to static constructs such as traditional firewall zones.
- Enhancements to BIG-IP Access Policy Manager® (APM®)
With support for SAML 2.0, F5 now offers improved single sign-on (SSO) capabilities for web-based, VDI, and client/server applications—whether hosted in corporate data centers or the cloud. In addition, BIG-IP APM offers identity federation across multiple product instances within an organisation, reducing the number of passwords needed by users to access corporate applications. Managing credentials in this way helps customers mitigate security risks and reduces the burden of administrative tasks on IT personnel.
- Enhancements to BIG-IP Application Security Manager™ (ASM™)
BIG-IP ASM includes several new functions to help businesses strengthen their security posture for web applications and address evolving threats. BIG-IP ASM now features support for applications written with the Google Web Toolkit, meaning security teams can enforce application security policies that use this widely adopted framework. Additionally, BIG-IP ASM can better detect and mitigate clickjacking, a growing web threat that attackers use to trick others into revealing personal information.
“Increasingly, we’re seeing organisations grapple with attacks that target applications, in addition to more conventional network and perimeter threats,” said Mark Vondemkamp, VP of Security Product Management and Marketing at F5. “Because F5 products occupy strategic points of control within the infrastructure, they’re ideally situated to combine traditional application delivery with firewall capabilities and other advanced security services. F5 is committed to a highly scalable and extensible approach for our customers—one that integrates market-leading performance, monitoring, and context-based policy enforcement for superior protection.”
Unifying Application Delivery and Firewall Security in an Intelligent Services Framework
To support individual and comprehensive security initiatives, F5’s integrated approach to security enables customers to tailor their environments to address particular needs and priorities. F5’s customisable solutions help organisations:
- Confidently Protect Infrastructures with Unmatched Speed and Scalability
With the industry-leading performance of F5 solutions, customers can meet the rising demands driven by increasing numbers of mobile devices and web applications. F5® solutions also provide the processing power to guard the most demanding data centers against denial of service attacks (both volumetric and resource exhaustion threats)—even when those attacks are embedded within SSL.
- Maintain Application Availability, Even in the Face of Attacks
F5 products provide customers with secure access to business-critical applications as well as protection from large-scale attacks such as distributed denial of service (DDoS). During a DDoS attack, a customer’s site is inundated with requests from multiple origins in an attempt to overload servers. To mitigate such threats, F5 devices can help identify malicious actions, prioritise how requests from specific locations are handled, and focus on addressing properly qualified requests.
- Simplify Operations to Reduce Administrative Tasks and Costs
By aligning firewall security and access policies with the specific applications that organisations rely on, management of security-related rules, actions, and permissions can be simplified considerably with F5’s application delivery firewall. Further, F5’s integrated solutions provide sophisticated logging and reporting capabilities that can be customised on a per application basis across the application delivery infrastructure. This means that network, application, and security teams can easily access the security logs relevant to their tasks without having to rely on a single global logging system for all events. This level of granularity helps organisations and teams improve compliance and planning efforts, while streamlining the monitoring of application, network, and security events. In addition, controlling and logging access to sensitive web-based applications can be unified across private and public clouds with identity federation, consolidating password management and reducing the time IT spends on repetitive tasks.
“F5 is leveraging its strength in application delivery to extend into the firewall market, using its products’ ability to understand and optimise web traffic,” said Jeff Wilson, Principal Analyst at Infonetics Research. “There are a number of use cases where this new product can be deployed with other F5 solutions to better protect applications and optimise their performance at the same time.”
“In adding to its slate of security offerings, F5 is broadening the number of compelling, integrated solutions we can offer to clients,” said Dan Thormodsgaard, VP of Solutions Architecture with FishNet Security. “With the new firewall product in particular, customers can leverage their existing Application Delivery Controller investments to help protect data centre, network, and application resources from emerging threats.”
“Enterprises and service providers are incorporating identity federation to support SSO in growing numbers,” said Avi Saha, VP of Web and Database Services at ADP, one of the world’s largest providers of business outsourcing solutions. “F5’s enhanced BIG-IP products make it easy for organisations to integrate federation and related services to support all access methods—HTTP, HTTPS, SAML, etc.—on a single device. In looking at the market, we don’t see any other vendor that can offer the consolidated functionality of F5.”