SEATTLE, June 25, 2012
F5 Networks, Inc. (NASDAQ: FFIV), the global leader in Application Delivery Networking, today announced a cloud-based service that enables organizations to safeguard their infrastructures by detecting and stopping access from IP addresses associated with malicious activity. By identifying relevant IP addresses and leveraging intelligence from cloud-context security solutions, F5’s new IP Intelligence service combines valuable information on the latest threats with the unified policy enforcement capabilities of the BIG-IP® application delivery platform. The BIG-IP system’s ability to seamlessly combine subscription-based services from F5 with external services provides customers with a compelling new way to enhance overall security.
“Organizations are looking for security solutions that can dynamically synthesize information from a variety of sources to give infrastructures the maximum level of protection against sophisticated cyber attacks,” said Mark Vondemkamp, Sr. Director, Product Management, Security at F5. “At the same time, enterprises must preserve the flexibility to customize their systems and add safeguards as network and access conditions change, and as new types of threats emerge. F5’s IP Intelligence service enables customers to pool disparate threat detection capabilities, block malicious IP addresses, and tailor performance to specific needs by leveraging F5’s powerful BIG-IP Application Security Manager™ and iRules® technologies.”
Enhancing Security Posture while Lowering Overall Security Spend
Companies delivering today’s rich Internet content are exposed to a variety of attacks from rapidly changing IP addresses and other variables. In addition, inbound and outbound botnet traffic and malware activity can penetrate security layers and consume precious resources. Typically, organizations deploy point solutions such as IP reputation services to block malicious activity and sites, but unless these solutions are integrated with an Application Delivery Controller, they are not able to offer comprehensive, dynamic protection. Plus, enterprises can reduce their overall security spend by taking advantage of the BIG-IP solution’s ability to deliver unified services on a single platform.
Leveraging a frequently updated list of threat sources and high-risk IP addresses, F5’s new IP Intelligence service delivers contextual awareness and analysis of IP requests to identify threats from multiple sources across the Internet. The service draws on the expertise of a global threat-sensor network and IP address database to detect malicious activity, and can offer protection throughout the application delivery infrastructure with F5’s unified BIG-IP architecture.
F5’s new IP Intelligence service enables customers to:
By intelligently evaluating the reputation of Internet hosts, F5’s new service can prevent attackers from stealing data, compromising corporate resources, or otherwise disrupting business functions. F5’s new service denies access to IP addresses known to be infected with malware, in contact with malware distribution points, and with low reputations. Active IP addresses offering or distributing malware, shell code, rootkits, worms, or viruses are denied access. In addition, F5 helps organizations guard against many of today’s most prevalent web attacks, such as cross-site scripting, SQL injection, DDoS, and other threats associated with botnets. As an added benefit, this ability to detect and deny access stemming from unwanted requests results in increased infrastructure performance, since IT systems do not need to spend valuable cycles addressing requests from bad sites.
Deployed as part of the BIG-IP system, F5’s IP Intelligence service leverages data from multiple sources to effectively gather real-time IP threat information and block connections with those addresses. The service reveals both inbound and outbound communication with malicious IP addresses to enable granular threat reporting and automated blocking, helping IT teams create more effective security policies to protect their infrastructures. Even when a BIG-IP device is deployed behind a content delivery network (CDN) or other proxies, F5’s IP Intelligence service provides protection by looking at the real client IP addresses as logged within the X-Forwarded-For (XFF) header, helping IT make informed decisions about which IP addresses should be allowed.
F5’s IP Intelligence service alleviates the burden of repetitive, manual configuration tasks for network and security professionals, yielding greater overall efficiency. Global threat data is refreshed in the cloud to update the BIG-IP system as frequently as every five minutes. This provides an evolving database that minimizes the chance of exposure, protecting both the organization and its reputation. The IP Intelligence service’s automatic updates dynamically keep systems protected, and BIG-IP products can be easily configured to receive real-time updates for convenient security management across the application delivery environment. F5’s iRules capability provides a significant complement to this service, as organizations can seamlessly roll out additional commands that direct how BIG-IP systems handle certain types of traffic and specific requests.
“As web threats increase in sophistication and volume, enterprises want cloud-based security and threat intelligence services to augment their on-premise security deployments,” said Phil Hochmuth, Program Manager for Security Products Research at IDC. “The integration of F5’s BIG-IP web protection capabilities with cloud-based IP reputation and protection services will help F5 customers bolster their security infrastructure and make the BIG-IP into a more valuable security asset.”
“F5’s IP Intelligence service delivers substantial advantages for customers interested in protection from malicious IP addresses and attacks,” said Vid Sista, Network and Security Practice Director at Accudata Systems. “We continue to see customers striving for increased efficiency and effectiveness of their IT systems to contribute to their organization’s overall success. With F5’s consolidated security platform, enterprises can easily add new services and scale their infrastructures.”
F5’s IP Intelligence service and the company’s other technologies described in this announcement are available now with BIG-IP version 11.2 software.
F5 Networks, Inc., the global leader in Application Delivery Networking (ADN), helps the world’s largest enterprises and service providers realize the full value of virtualization, cloud computing, and on-demand IT. F5® solutions help integrate disparate technologies to provide greater control of the infrastructure, improve application delivery and data management, and give users seamless, secure, and accelerated access to applications from their corporate desktops and smart devices. An open architectural framework enables F5 customers to apply business policies at “strategic points of control” across the IT infrastructure and into the public cloud. F5 products give customers the agility they need to align IT with changing business conditions, deploy scalable solutions on demand, and manage mobile access to data and services. Enterprises, service and cloud providers, and leading online companies worldwide rely on F5 to optimize their IT investments and drive business forward. For more information, go to www.f5.com.
You can also follow @f5networks on Twitter or visit us on Facebook for more information about F5, its partners, and technology. For a complete listing of F5 community sites, please visit www.f5.com/news-press-events/web-media/community.html.
F5, BIG-IP, Application Security Manager, iRules, and DevCentral are trademarks or service marks of F5 Networks, Inc., in the U.S. and other countries. All other product and company names herein may be trademarks of their respective owners.
# # #
This press release may contain forward looking statements relating to future events or future financial performance that involve risks and uncertainties. Such statements can be identified by terminology such as "may," "will," "should," "expects," "plans," "anticipates," "believes," "estimates," "predicts," "potential," or "continue," or the negative of such terms or comparable terms. These statements are only predictions and actual results could differ materially from those anticipated in these statements based upon a number of factors including those identified in the company's filings with the SEC.