F5 security credentials come to the fore

Legacy in protecting applications offers an edge in the app economy

Tags: F5 NetworksUnited Arab Emirates
  • E-Mail
F5 security credentials come to the fore What is new is the industry finally recognising F5 a security company, said Kearney.
By  David Ndichu Published  June 14, 2017

F5 Networks has been a security vendor all along-although many people are just realising it.

F5 had in its portfolio a web application firewall fifteen years ago. The companys F5 BIG-IP Application Security Manager, a web application firewall, has been a feature in data centres for a decade and half protecting web servers from malicious traffic and blocking attempts to compromise the system.

F5 has always been close to applications, said Ryan Kearny, F5 Networks executive VP of product development and chief technology officer. By default, we have thus been part of the security posture of our customers as we pulled functionalities from application server infrastructure forward and into our controllers.

We also used to load balance firewalls because firewalls were not fast and available enough. We slowly started pulling even core firewall functionalities forward into our devices because we could implement firewall security policies faster and more scalable than the firewalls themselves, Kearny said.

Security is therefore not new to F5, said Kearney. What is new is the industry finally recognising us a security company, he added.  

To boost its security credentials even further, F5 has launched security specific solutions in the recent past.

Kearny highlighted the companys F5 Labs, its application threat intelligence service, as well as a threat research group inside the company. We now have security researchers within the product development group constantly analysing the threat landscape and feeding that to our customers on how they can leverage our products and technologies to ensure that they address cyber threats.

We have filled out in the last few years other aspects of what customers expect from a security company, including threat research and other security solutions, Kearny said.

At GITEX last year, F5 showcased its network protection solutions, including F5 DDoS Hybrid Defender, F5 SSL Orchestrator, and fraud prevention products F5 WebSafe and F5 MobileSafe.

Earlier this year, the company launched the Herculon security product range, including the Herculon SSL Orchestrator that provides insight for the visibility gaps created by the growing use of encryption for application data, as well as the Herculon DDoS Hybrid Defender that delivers a multi-layered defence against DDoS attacks. The Herculon DDoS Hybrid Defender integrates hardware with offsite cloud scrubbing via F5 Silverline.

During the F5 Agility EMEA Conference in Barcelona last month, F5 also highlighted its current focus on cloud infrastructure. In the last two years, a lot of production applications have going live on cloud infrastructure, from private cloud to colocation sites and the public cloud.

A cloud-centric environment presents a whole different paradigm to security, Kearny observes.

For one, applications were much easier to manage in the old days of on premise infrastructure.  Thered be a monolithic application that would be replicated across servers, which would then be front ended with an application delivery controller for SSL termination or federated identity or even DDoS mitigation, said Kearney.

But majority of these applications are being moved into a host of cloud infrastructures.

The recent launch of the F5 Application Connector helps manage this cloud focus. The Application Connector delivers application services insertion from the edge of the public cloud by automatically discovering cloud-hosted workloads in AWS, and securely connecting any cloud provider to the customers interconnection or data centre.

We now have to follow those applications into those private and public infrastructures because our customers demand it, said Kearney.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code