F5 Launches Turnkey WAF Solution in Microsoft Azure Security Center

EN
- EN
- DE
- ES
- FR
- 中文
- 日本語

Solutions
App Security

App Infrastructure Protection

DDoS Protection

Web App & API Protection

Access Management

Traffic Management

Load Balancing

Availability

Performance Optimization

Cloud

Public Cloud

Private Cloud

Multi-Cloud

Colocation

Automation & Orchestration

Management, Visibility & Orchestration

Sustainable Automation

Partnerships

Super-NetOps

Container

Service Providers

5G

Fixed Line/Cable

Security

Network Functions Virtualization (NFV)

Signaling

Data Traffic Management

Use Cases
LORI MACVITTIE | F5 BLOG

THE STATE OF APPLICATION DELIVERY 2018: MULTI-CLOUD IS NOT JUST MARKETING
Read the blog ›
Products
BIG-IP

Availability/Performance

Local Traffic Manager

DNS

Service Provider

Carrier-grade NAT

Policy Enforcement Manager

Diameter Traffic Management

Platforms

Virtual Editions

iSeries Appliance

VIPRION Chassis

Security

Access Manager

Advanced WAF

SSL Orchestrator

DDoS Hybrid Defender

Advanced Firewall Manager

WebSafe and MobileSafe

Silverline Managed Security Services

Automation & Orchestration

BIG-IQ

iWorkflow

Cloud Editions

BIG-IP Cloud Edition

Ecosystem Integrations

Container Connector

Get F5

Subscription

Perpetual Licensing (GBB)

Enterprise License Agreements

Find a Reseller
DISCOVER PRODUCT UPDATES

From new public cloud offerings to innovations in hardware and software, you’ll find the latest information about F5 products and services here.

See what’s new
Customers
Services
Support

Professional Services

Training

Certification

Resources
Got Questions? AskF5.

Visit our self-service resource for product guides, downloads, release notes, solutions to known issues, and more.

Visit AskF5
Community
Partners
Partners

Technology Alliances
Become An F5 Unity Partner

Join our Unity Partner Program to become a Value Added Reseller or Managed Services Provider.

Get started
Company
Leadership

Investor Relations

Briefing Centers

Blog

Careers

Events

News

Press Releases

Features

Awards

Press Kit
Who is F5?

Learn more about who we are and what we do. Our company overview explains our approach to the app-centric world we live in.

Read the PDF

Andrew Hendry

July 21, 2016

Growth in Apps and DevOps

We’re all well aware of the benefits that companies have realized by adopting public cloud. Reducing time to market, shifting costs from CapEx to OpEx, and refocusing on core business concerns. It’s no surprise, then, to see that organizations have adopted a cloud-first strategy for new applications, and are increasingly migrating existing workloads to public cloud environs. Such efforts are behind the forecast from Azure that public cloud capacity will double every 9-12 months for the few years, which means the number of apps hosted in public clouds could reach 30 million by 2017.

Challenges of Public Clouds

That pace could be faster, if not for the challenges enterprises face when trying to move existing apps. While public clouds surely boast the capacity to absorb the growing volumetric, network-based attacks we all accept as inevitable today, application security remains the responsibility of the application developers and owners. And that responsibility is a grave one, indeed, as web-based attacks (request-response) are increasing at an alarming rate. One industry watcher reported seeing a 25% increase in web app attacks in the first quarter of 2016, along with a 236% climb in attacks over HTTPS. While specific attack types tend to vary by industry, no vertical is safe. SQLi and XSS, in particular, are on the rise again, likely because they have a high chance of succeeding when existing apps developed many years ago are exposed.

Organizations, well aware of the threats and the need to address them more definitively, are faced with choosing from an unappealing menu of options. Deploy with limited app security. Delay the project. Deploy a complex solution for which few, if any, IT staff on hand have the skills or experience with to configure and manage. On the upside, the result is generally a more protected application in the public cloud. On the downside is policy sprawl and device silos that create gaps in security that can open up other vulnerabilities. That’s not even taking into consideration the potential risk that security-related services will negatively impact application availability and performance, causing productivity to suffer and profits to plummet.

Fortunately, public cloud providers like Microsoft have done a lot to address these concerns by building more security capabilities directly into the cloud infrastructure and partnering with established security vendors that are already deployed widely in private data centers.

F5 and Microsoft Azure Security Center: Integration with ease of deployment and compliance

Enterprises have relied on F5’s application security solutions for over a decade. Many of these implementations have been in private data centers on both F5 BIG-IP hardware and software-based virtual editions. With the rise of public cloud, F5 has extended its security solutions for application workloads into those environments as well, and F5 is proud to have been available in the Microsoft Azure Marketplace for close to a year as a virtual appliance.

Now, with today’s introduction of Azure Security Center, F5 has demonstrated its continued application security leadership with greater integration and ease of deployment. The latest F5 web application firewall (WAF) solution for Azure helps enterprises meet compliance requirements and protect their assets against new and existing application threats and DDoS attacks.

“Azure Security Center discovers workloads where web application firewalls are recommended and integrates provisioning, monitoring, and alerting from leading solution providers like F5,” said Michal Braverman-Blumenstyk, General Manager for Azure Cybersecurity at Microsoft. “Our customers benefit from a unified view of security across their Azure deployments, including F5 BIG-IP appliances they have deployed, making it easy for them to bring their trusted security solutions to the cloud.”

At its core, the F5 WAF solution is powered by industry-proven and ICSA-certified BIG-IP Application Security Manager (ASM) and Local Traffic Manager (LTM) technologies as a pre-configured virtual service within the Azure Security Center. With this service, IT can regain data center-level control and customization in the Azure public cloud environment. The service provides comprehensive application layer protection and is easily activated using three protection levels pre-defined by F5 security experts.

Admins or developers can simply select the F5 service, determine the appropriate protection level, and within minutes start to defend their apps against threats. Real-time security reports and analytics from F5 for the applications are integrated back into Azure Security Center for a single dashboard of valuable information and insights for app developers, central IT, and security teams.

“The turnkey F5 WAF solution for Azure Security Center leverages F5 security and automation expertise to make deployment and configuration simpler,” said Damir Vrankic, Director of Cloud Product Management at F5. “This enables more users, including DevOps teams, to improve protection of their applications in Azure.”

F5 offers the flexibility to activate its WAF service as-is or by running BIG-IP ASM and LTM as Azure VMs. While we recommend initially selecting one of the pre-configured protection levels to immediately help meet compliance policies, enterprises do not need to stop there. Once the F5 WAF service is activated, there is access to the full set of advanced ASM features, which allows further customization to meet unique application or organizational needs. Or take advantage of the built-in Rapid Policy Builder capability to automate security policy creation.

Just as important, deploying F5 in Azure lets organizations extend existing security policies to maintain consistency across public cloud environments, use existing iApps templates and iRules, and leverage existing F5 licenses via the Bring Your Own License (BYOL) option.

Related Resources