F5 Distributed Cloud DDoS Mitigation
Delivering preemptive protection against L3 – L7 DDoS attacks
Software as a Service (SaaS) offering mitigates application-based and volumetric DDoS attacks.
Overview
Secure your applications and APIs against L3-L7+ attacks with Distributed Cloud DDoS Mitigation, a SaaS-based solution that allows you to easily scrub traffic with a variety of redirection options.
Challenges
DDoS attacks remain the leading cause of app downtime. In the first quarter of 2021, researchers recorded nearly 3 million DDoS attacks, a 31% increase from the same period in 2020.1
Increasingly sophisticated attacks
Distributed and volumetric attacks cannot be handled by outdated on-premises security appliances.
New DDoS tactics outwit older tools
Low and slow-ramping application-layer attacks cannot be mitigated by legacy DDoS appliances.
Multiple security solutions cost time and money
Managing multiple on-premises devices and service providers is complex and expensive.
Slow response to fast moving attacks
Long lead times and contractual issues slow delivery of on-demand capacity expansion.
Why Distributed Cloud DDoS Mitigation?
F5 points of presence (PoPs) and global private backbone can mitigate DDos attacks at the source.
AI/ML capabilities can handle sophisticated attacks that can’t be mitigated by legacy DDoS providers.
Our managed service for DDoS mitigation allows you to focus on your business uptime.
Easy to deploy, manage, and scale globally; stops malicious traffic closer to the source.
Maximize application uptime by identifying and progressing legitimate requests, not malicious activities.
Lower CapEx and OpEx with SaaS-based network perimeter security that reduces overall infrastructure costs.
Platform Overview
Provide controls to defeat targeted network- and application-layer attacks
Distributed Cloud DDoS Mitigation is based on a SaaS model and includes a network firewall, application and API security, and centralized observability with the F5 Distributed Cloud Console. The solution enables high-performance IP transit via F5 PoPs, and can be used for Border Gateway Protocol (BGP) based traffic redirection, employed with a generic routing encapsulation (GRE) tunnel, or accessed by subscription to Volterra direct connectivity services.
Mitigate attacks from impacting bandwidth and firewall performance.
Protect the application layer and secure your web apps.
Mitigate unauthorized access to private networks from the Internet.
Distributed Cloud DDoS Mitigation Benefits
On-demand provisioning and network scaling with single pane of glass visibility.
Dynamically expand capacity and deploy new services without adding capacity.
Maximize uptime of your revenue-driving infrastructure and applications.
Deliver more projects, applications, and capacity with SaaS platform.
Broad Platform and Cloud Provider Support
Distributed Cloud Services can be delivered to apps running on any platform, on any public/private cloud. Connect and secure apps running in VMs, containers, bare metal, or serverless.
Service Discovery and Service Mesh Integrations
Supports multiple service discovery protocols simultaneously: Consul, Kubernetes, and DNS work out of the box. Istio or Linkerd service mesh can integrate with a Distributed Cloud Services ingress/egress gateway.
Automation, Alerting, and SIEM Integration
F5’s native Terraform provider, vesctl CLI tool, and public APIs deliver to the automation needs of app teams. Support for tools like Opsgenie or Slack for alerting and Splunk or Datadog for SIEM simplifies life of DevOps and SecOps teams.
Ways to Deploy
Distributed Cloud Services deliver application management, networking, and security services closer to workloads and can be deployed in public/private clouds, on-prem data centers, and edge sites with centralized management via a SaaS-based console.
Manage and protect application workloads hosted in AWS, Azure, and GCP.
Manage and protect application workloads from any of the points of presence (PoPs) on the F5 global network.
Manage and protect applications at the data center and edge sites.
