Upgrade Magazine


F5 launches advanced WAF for multi-cloud app security

New offering delivers protection for all apps, with flexible consumption models to fit any deployment and management scenario.

F5 Networks is announcing its Advanced Web Application Firewall solution for application protection. With security capabilities to guard against application threats, F5 is adding to its portfolio of integrated and standalone solutions specifically designed for app security.

F5’s Advanced WAF supports a variety of consumption and licensing models, including a per-app basis, as well as perpetual, subscription and utility billing options for flexibility in the cloud and the data center. This helps SecOps better collaborate with DevOps and NetOps teams to deploy app protection services in any environment that can be configured for individual applications or en masse. F5’s approach to application security reduces management complexity, decreases OpEx, and efficiently delivers services to neutralize attacks.

Already a leader in the Web Application Firewall space, this new solution also enhances the company’s self-service WAF Express and managed Silverline WAF offerings. As examples of its differentiated functionality, F5’s Advanced WAF gives customers:

  • Protections against credential theft and abuse
  • The only WAF with mitigation of web and mobile bot threats
  • Layer 7 DDoS detection using machine learning and behavioral analytics for accuracy
  • The market’s most scalable WAF solution

“Recent research from F5 Labs revealed that applications are the initial targets in the majority of breaches, suggesting that any app can be an attack vector,” said Ram Krishnan, SVP and GM of the security business unit at F5. “Cybercriminals are using sophisticated application-layer exploits, as well as an emerging wave of automated, bot, and IoT-based threats that are quite capable of evading simple signature or reputation-based detection. F5 offers the most complete application protection, with Advanced WAF as a foundational technology that can be deployed, managed, and consumed in the manner that best suits our customers.”

Beyond basic services such as protection against the OWASP Top 10, F5 now enables the same enhanced WAF capabilities in the cloud as it traditionally has in its on-premises solutions. Advanced WAF dynamically protects apps with anti-bot capabilities, stops credential theft using keystroke encryptions to guard against keyloggers, and extends app-layer DDoS detection and remediation for all apps through a combination of machine learning and behavioral analysis. For dedicated DDoS protection, F5 also offers an updated version of DDoS Hybrid Defender, with leading price/performance and new capabilities that operationalize DDoS functionality and optimize ‘time to identify’ and ‘time to mitigate’ response metrics.

WAF enables F5 customers to deploy app security for multiple cloud platforms—private and public—while also promoting service portability through microservices and container use cases. Taking advantage of automated security policy capabilities, the solution helps organizations shorten deployment times for new apps with easy to use cloud templates for AWS, Google and Azure environments. This approach gives companies the freedom to grow their on-premises and cloud infrastructures according to business priorities.

F5 solutions are backed by an extended set of adjacent security programs and offerings. These include threat research and analysis from F5 Labs, rapid response capabilities from F5’s world-class Security Incident Response Team (SIRT), and dedicated global attack mitigation through the company’s Security Operation Center (SOC) locations.

F5 Advanced WAF and DDoS Hybrid Defender are available now, with new security features incorporated as released.

To Top