This quarter's update sees minor increases across security, performance, availability, and identity/access.
It's a rare quarter that we see only gains in application services usage. This is one of those quarters. While the gains were minimal - 1% in most categories - it's impressive to see zero decrease in usage across categories.
Of particular note was HTTP/2, which has held steady at a 2% usage rate since January 2018. This quarter saw the first increase to 3%. While still anemic compared to other acceleration techniques like compression and multiplexing, it is encouraging to see even a tiny improvement. HTTP/2 will be best put to use improving performance of traditional, chatty web applications. Modern, API-based apps like mobile and SPAs are less affected by protocol performance because their conversations are short. While they would still benefit, organizations are unlikely to see significant improvements in performance with HTTP/2 unless they're applying it to traditional, stateful web apps that reuse connections over the lifetime of a session.
DEFEND
BOT DEFENSE UP AGAIN
Bot defense gained 1% again over last quarter, growing from 24% to 25% of organizations employing it to defend against malicious non-human traffic.
Research from F5 Labs proposes that half of all Internet traffic originates with bots. Nearly one third (30%) of these are malicious.
CONTROL & PROTECT
SECURITY STANDS FIRM
Use of application access and web single-sign on services were steady quarter over quarter, while web security gained 1%.
Analysis from F5 Labs revealed that applications and identities were the initial targets in 86% of breaches, making these application services critical.
ACCELERATE
SPEED RETURNS
HTTP compression and caching services each made gains of 1% this quarter, rising from 43% to 44% and 28% to 29% respectively.
Interestingly, SSL offload (client side) and TCP multiplexing both saw 1% gains this quarter. Both app services put an emphasis on improving performance. It is also worth noting that the percentage of server-side SSL deployed (71%) is lower than that on the client-side (83%). While client-side SSL (83%) is often deployed both as a performance-enhancing measure and in response to consumer demand, server-side SSL is typically employed to satisfy regulatory demands and industry best practices.
About the Author
Related Blog Posts
The everywhere attack surface: EDR in the network is no longer optional
All endpoints can become an attacker’s entry point. That’s why your network needs true endpoint detection and response (EDR), delivered by F5 and CrowdStrike.
F5 NGINX Gateway Fabric is a certified solution for Red Hat OpenShift
F5 collaborates with Red Hat to deliver a solution that combines the high-performance app delivery of F5 NGINX with Red Hat OpenShift’s enterprise Kubernetes capabilities.
F5 accelerates and secures AI inference at scale with NVIDIA Cloud Partner reference architecture
F5’s inclusion within the NVIDIA Cloud Partner (NCP) reference architecture enables secure, high-performance AI infrastructure that scales efficiently to support advanced AI workloads.
F5 Silverline Mitigates Record-Breaking DDoS Attacks
Malicious attacks are increasing in scale and complexity, threatening to overwhelm and breach the internal resources of businesses globally. Often, these attacks combine high-volume traffic with stealthy, low-and-slow, application-targeted attack techniques, powered by either automated botnets or human-driven tools.
Volterra and the Power of the Distributed Cloud (Video)
How can organizations fully harness the power of multi-cloud and edge computing? VPs Mark Weiner and James Feger join the DevCentral team for a video discussion on how F5 and Volterra can help.
Phishing Attacks Soar 220% During COVID-19 Peak as Cybercriminal Opportunism Intensifies
David Warburton, author of the F5 Labs 2020 Phishing and Fraud Report, describes how fraudsters are adapting to the pandemic and maps out the trends ahead in this video, with summary comments.