Consistency of policy across multiple cloud properties has been the top challenge facing organizations for as long as we've been asking about multi-cloud challenges. The recent diaspora of applications and access control only serves to exacerbate the importance of implementing a unified access control point able to enforce a consistent set of access policies.
While SaaS is not really all that new, what is new is the range of activities being commoditized and packaged as SaaS. All manner of business functions are joining CRM, SFA, productivity, and communications as SaaS offerings. And we anticipate that organizations will quickly jump at the chance to offload the operation of such software to a provider.
Despite changes in architectures and location, security problems do not change. Customers still need to protect applications, ensure availability, and defend against DDoS attacks. Application security is just a bigger challenge now due to the expanding attack surfaces and vulnerabilities.
With the help of an F5 Global Good Tech for Good grant, United Way Bay Area was able to transition to virtual service delivery for its clients during the pandemic. This infusion of funds helped expand the digital infrastructure of the SparkPoint Centers and supported virtual training for helpline volunteers.
F5 believes an important element of this more sophisticated automation is enabling applications to adapt. Much like a living organism, adaptive applications grow, shrink, defend, and heal themselves based on the environment they’re in and how they’re being used. This applies to born-in-the cloud, digital-native organizations as much as established companies with a complex mix of traditional and modern architectures.
Agile processes enable rapid releases to deliver customer value quickly and seamlessly; and new technologies make it viable to deliver daily releases, particularly for customers operating on a massive, global scale. Open source provides a model that offers the flexibility, agility, and stability companies need to efficiently deliver applications to their end-users—without the restrictions of vendor lock-in.
There are two walls in the delivery path for applications. The first (which has been the cause of much friction) is between development and production. And while DevOps methodologies have begun to break down this wall, the other—the one between production and delivery to consumers—is not so easily breached.
F5's Chad Davis: Digital disruption has arrived for notoriously cautious financial services firms. Applications are one of the most important competitive differentiators in the industry today, powering everything from accounting systems to transaction engines to the customer experience. What’s more eye-opening is that those apps are increasingly running in the cloud.
Most organizations are operating in multiple cloud properties in addition to their own on-premises, private cloud. For the past three years we've asked about the challenges and frustrations professionals in every role within IT experience while operating in this mode. Every year the top answer is the same: consistency.
F5's CEO: "Customers continue to look to F5 to enable their mission-critical application needs and deploy a combination of solutions spanning our F5, NGINX and Shape multi-cloud application services portfolio. In a challenging COVID-19 environment, our deep incumbency and close alignment with customers' investment priorities are proving distinct competitive advantages and driving resiliency in our business.”
In the three phases of digital transformation, the first phase is all about automation. The focus on digitizing of workflows in phase two will ultimately offer businesses a path forward to the third phase, where data-driven services will generate actionable insights that improve efficiency, reduce process friction, and increase both productivity and profits.
Big Table is dedicated to caring for those in the restaurant and hospitality industry who are in crisis, in transition, or in danger of falling through the cracks. They applied for and received an F5 Global Good “Tech for Good” COVID-19 Response grant, upgrading laptops and purchasing cameras, lighting, backdrops, a teleprompter, and other equipment to enable live-streaming events.
Online privacy is no longer about simply staying away from prying eyes. Encryption on the web plays a key role in affording us our privacy, and it is constantly changing.
Due to COVID-19, Lancashire Teaching Hospitals NHS Foundation Trust required significantly more staff to work from home. F5 and its partner, Full Proxy, rapidly combined forces to ensure that even a ten-fold increase in remote users had no impact on the user experience.
[F5 DevCentral Article] A new Remote Code Execution vulnerability announcement that affects several versions of BIG-IP was just released on June 30, 2020. Because of the severity of this vulnerability, we recommend immediately installing the latest patched version in order to protect your BIG-IP system from compromise.
Peter Silva walks you through the details, and why locking down the Management Port is F5 SIRT’s top tip for keeping your BIG-IP and your network secure from intruders.
Silverline Shape Defense, a fully managed service from F5, helps customers better focus on their users and safeguard businesses against bots, credential stuffing, scraping, and other automated attacks that result in fraud and abuse—leading to compromised efficiency, loss of revenue, and damage to the brand.
Gail Coury: With Silverline Shape Defense, companies get the visibility, detection, and mitigation outcomes they need to slash fraud; reduce cloud hosting, bandwidth, and compute costs; improve user experiences; and optimize their business based on real human traffic.
First confined to the data center, Application Performance Monitoring (APM) has become increasingly context-driven around web-based user experiences. Today, it isn't enough to identify what went wrong after the fact. Businesses need to identify where trouble might occur before it happens.
If you’re a Fastly CDN user, Shape’s industry-leading log analysis capabilities are just a flip of the switch away. There is zero impact on production traffic, so there is no risk of negative consequences—just straight up information gathering. F5's Frank Strobel takes a closer look.
We want to share this powerful message to F5ers from our FAB employee inclusion group leaders as a blog post to help channel our collective energy into concrete action. F5 stands in solidarity with the Black community and those who protest in support of social justice around the world.
Originally published for Black History Month, François Locoh-Donou talks with F5 Appreciates Blackness co-chair Monique Thompson about his personal journey, what it’s like to be a Black man in corporate America, and how to foster dialogue and understanding about the challenges Black Americans face.
At F5, our commitment to the fight against racism is a foundational part of our culture as a company. We consider diversity and inclusion part of being an F5er. Accordingly, our F5 Appreciates Blackness (FAB) employee inclusion group, the Diversity & Inclusion team, and executives are sharing the steps we are taking as a company, and the pledge we are taking as individuals.
There is an ebb and flow to technology cycles. Its inevitability is extant in many theories, such as the S-curve of innovation and a certain well-known analyst firm's hype cycle. Cloud is subject to these same waves. We've seen two very strong cycles over the past ten years, and it appears that a third wave is beginning to crest.
Yuichi Gonda, Regional VP at F5 Networks Japan, commented: “We are delighted to be supporting Rakuten Mobile on their 5G journey to becoming a global telco provider. This demonstrates how F5 solutions deliver and protect apps—from code to customer, reducing telcos’ operational complexity and costs.”
EVP Kara Sprague: The pandemic has raised the stakes overnight on digital experiences. The playbook for thriving has four distinct phases, which I’ve heard consistently from both customers and industry observers. Several organizations are applying this approach to enhance their operations with new digital processes that will drive ongoing differentiation.
Equinix addresses the challenges of distributed applications with connectivity, latency, and capacity at the network layers with its cloud edge locations and networking magic. With security and full visibility of traffic flows, it also acts as a control point between users, locations, clouds, and data in which organizations can deploy and enjoy the benefits and capabilities of a cloud gateway (such as F5 BIG-IP).
In the cloud era, the focus has flipped from vertical to horizontal scale. We still need more bandwidth and compute and processing power, but we've learned how to distribute that need. It's the way resources are assembled that changes the game. And make no mistake, the game has changed thanks to containers.
For service providers and enterprises transitioning to 5G network infrastructure and modern cloud architectures, virtual environments can now be hosted on low-cost, standards-based servers while moving specific functions to a Smart Network Interface Card, thereby boosting performance and lowering latency in the core and at the network edge.
To mark this year’s Women in Engineering Day, we connected with Sara Boddy, Senior Director of F5 Communities (F5 Labs and DevCentral), to discuss her career to date and why we need to continually strive for more diversity in tech.
Scot Rogers, Executive sponsor of the F5 Pride employee inclusion group (EIG) shares his thoughts on advocacy for the LGBTQ+ community at F5, and how the experiences and perspective of a close relative illustrated "the importance of embracing all people for who they are, as they are, and wherever they are on their life’s journey.”
While it is true that adoption rates have fallen short of initial predictions, there is plenty of evidence to suggest that NFV is as relevant as it’s ever been. Perhaps even more so.
Fortress Cybersecurity Awards highlight the world’s leading companies and products that are working to keep data and electronic assets safe among growing threats from hackers.
Data comes from a variety of sources across the code-to-customer path. Applications. Platforms. Application services. Infrastructure. Devices. All are capable of emitting data that can be turned into business value by the right solution. The elephant in the room during any discussion on the use of data is, of course, privacy.
We live in testing times. For telecoms operators, the COVID-19 pandemic is throwing up challenge after challenge. These range from a major mismatch between network configuration and the new traffic patterns, to physical attacks on 5G infrastructure and elaborate forms of fraud devised by a new breed of bad actors. At the same time, under-employed customers are querying bills and questioning their tariff plans.
The first step in a discussion about data architecture is to define what the concept of “data architecture” encompasses. Unsurprisingly, the answer turns out to be nuanced—it is layered and multifaceted. To help ground the discussion, it is useful to start by thinking about it in terms of the journey of collected telemetry data.
Digital payments have become as common as cash used to be. Shutdowns due to the COVID-19 pandemic have only accelerated the rate consumers rely on such services. But it has also accelerated digital payments on the corporate side. After all, businesses still have accounts payable and receivable whether they're open to the public or not.
With the development of container orchestration technologies, working with containers is easier and more programmatic than ever. But orchestration is only half the battle. Effective container strategies also require solutions for the different elements tied to applications, such as networks, storage, security, traffic management, and DNS.
CTO Geng Lin: Today, F5 offers the most comprehensive application services along the code to customer path. For the future, we are doubling down on application telemetries and analytics to help our customers discover insights about their applications, business flows, and user experiences. As we build out our cloud analytics capabilities, we'll further leverage ML/AI to help our customers to improve their business services.
In a get-it-done-now kind of environment, you need a fast and easy way to make sure your web apps are covered by fundamental protections. F5 recognizes the pressures those on the frontlines of the COVID-19 crisis are under, and we don’t want new technology to be another one.
Zero Trust is a powerful strategy that can help a business go faster and be more secure. While not a new concept, it is one that has taken on particular relevance for today's application-driven businesses and multi-cloud environments.
F5 announces the appointment of Tom Fountain as Executive Vice President of Global Services and Chief Strategy Officer. In this role, he will head F5’s global support, professional consulting, educational services, customer success, manufacturing, and technology services operations.
Demand for digital experiences is up. And there’s very little more frustrating to a user than an app or website failing to load. To be honest, there's very little more frustrating to an operator than an app or website failing to load. Achieving high availability is not just a matter of inserting a load balancer into the data path. That's part of the equation, but it's just one of the steps needed to ensure an app or website stays available.
Jay Kelley looks at how organizations are beginning to shift their technology concerns from application access and maintaining user productivity toward application security. The article also notes how cybercriminals are adapting and what you can do about it.
It should be no surprise that as there evolves a new generation of application architectures that a new generation of load balancing accompanies it. Since the birth of load balancing, just before the turn of the century, the technology has moved in a predictable pace, which means it is time for innovation.
F5’s Beacon, BIG-IQ, and NGINX Controller solutions give customers end-to-end visibility into the health and performance of applications, along with integrated traffic, security, and API management controls to take action based on those insights, surfacing new ways to lower operational overhead and achieve faster time to market.
With F5’s portfolio of visibility solutions, customers can collect and analyze application metrics no matter where the application or app services are deployed. They can connect to applications wherever they live, scale analytics natively, and close unknown gaps in application visibility to expand and strengthen security and reliability.
As we begin to grapple with the fact that our rebound will not happen as quickly as we’d all like, we are coming up with innovative ways to keep businesses moving forward. We are offering new tools and resources for our partner community to help solve customer challenges with remote access and security.
It may seem like a million years ago since we hosted our first EMEA LGBT+ @ Work Symposium in London (which included the official launch of the UK & Ireland branch of F5 Pride), but our work behind the scenes has continued apace. In many ways, our mission is only just getting started.
Lori MacVittie: Much like the health of our household reef tank, the health of applications requires careful attention to key metrics. Deviations, especially wild fluctuations, can indicate a problem. Manual adjustment of metrics is not a process you want to mimic when it comes to applications (as the average organization maintains 100–200 applications in its digital portfolio).
Together, Azure Active Directory and BIG-IP APM offer unified security and user experience between modern and classic applications, providing a single identity control plane and delivering SSO from any device to all applications, whether they are hosted on-premises or in the cloud, and whether or not they support modern authentication and authorization.
With the impacts of COVID-19, now home-based and remote employees require secure and seamless access to the applications they need to be productive—especially with all the new challenges they’re facing every day. F5 BIG-IP APM and Azure Active Directory simplify the user experience for application access by enabling users to log in once and access all applications they have the right to access in any location.
Mika Yamamoto, Chief Marketing and Customer Experience Officer, discusses F5's virtual Agility conference, the industry-leading event for architects, engineers, and developers to learn how building, managing, and securing applications in multi-cloud environments can accelerate digital transformation and deliver better customer experiences.
Culture is not something that can be switched on in response to a crisis. Digital transformation, first and foremost, is a response to a business need. So, the initiatives that support it need to be designed with business outcomes in mind. F5’s Teri Patrick looks at how business outcomes have been informed by organizational culture in the context of the current pandemic.
James Feger, GM, Service Provider, F5: This new partnership area is significant as it casts a global spotlight on the shared values of both F5 and IBM to enable Service Providers with broader choices of modern architectures and infrastructures—with both hardware and software options to enable open source hybrid cloud containers and innovate toward rapid network transformation.
Amid this pandemic, the systems processing unemployment claims in many U.S. states found themselves in peril. Developed using COBOL, the systems faced overwhelming demand, prompting urgent calls for those proficient in a programming language dating back to 1959. In parallel, many applications driving contemporary digital transformation efforts are microservices-based. These apps, like their COBOL forebears, are likely to be so critical that they, too, may still be running in 50 or 60 years.
The expansion of applications tied to organizations’ digital transformation efforts also increases the number of attack surfaces for bad actors to target, with the effects of the current pandemic further accelerating this growth. Coupled with users’ tendency to reuse passwords, you’ve got an unfortunately prime environment for credential stuffing attacks. In this article, Renuka Nadkarni from F5’s Office of the CTO highlights best practices that can help both businesses and consumers protect themselves.
In light of digital transformation initiatives quickly becoming a “checkbox” for modern enterprises, effective management of app services—and the devices that power them—is paramount. It’s also not easy, simple, or straightforward, especially in the multi-cloud world. That's why F5 is so dedicated to delivering end-to-end app visibility and control from code to customer with BIG-IQ 7.1.
“We saw continued rapid acceptance of our software and subscription-based offerings as enterprises and service provider customers worldwide look to F5 to ensure consistent application access, delivery and security,” said François Locoh-Donou, CEO and President of F5. “In the last month of the quarter, we also saw increased demand for capacity as customers looked to quickly and, in some cases, massively scale remote access capabilities to keep their employees safe and their businesses running.”
Frank Strobel, Director, Cybersecurity and IoT Alliances at F5: “Customers running BIG-IP and NGINX solutions in Azure now have an additional choice for key management that preserves scalability while providing full control in securing website traffic.”
The rise of cloud and continued adoption of containers points toward dynamic data paths through which apps are delivered. A single, strategic point of control and execution is often no longer operationally—or architecturally—feasible. But that does not mean that a unified point of control is no longer possible, provided that one chooses a proper tool.
In prioritizing health and well-being, organizations worldwide are finding out how they can work effectively when employees are separated by physical distance. Ian Jones, head of F5’s global Professional Services and Training Services teams, highlights the ways organizations are meeting today’s demands, and surfacing lessons that will apply long after the pandemic ends.
In today's heterogeneous IT environments, it’s all too easy for the rules and objects associated with the devices that make up the network to proliferate, adding complexity and risk. To help address this, AlgoSec has worked closely with F5 to extend rich visibility and orchestration capabilities across the entire multi-vendor network security fabric.
Extraordinary times call for extraordinary measures. Many people have uttered this phrase in light of COVID-19. One of those extraordinary measures has been a pivot to remote work for many of us. In this context, access to critical apps is often discussed. But rarely do we hear the details about how that access has been enabled.
An insertion point is an architecturally distinct location in the code to customer data path at which it makes sense to add functionality that is often outside the purview of development or operationally more efficient. Insertion points include the client, infrastructure, and the app itself. So, what we're looking for are app services that are both operationally and cost efficient at the point of insertion; in this case, we're focused on the app server (platform) itself.
Perennially important, virtual private network (VPN) security is now imperative given the current COVID-19 pandemic. Remote working has fast become the new normal and, correspondingly, the demand for VPN capabilities has skyrocketed. Unfortunately—if unsurprisingly—attacks on VPNs have risen sharply alongside.
F5's Kunaciilan Nallappan reflects on the early days of 2020, sharing his thoughts on the company's initial response to the COVID-19 pandemic and the continuing importance of putting employees, customers, and communities first as we navigate these times together.
For mobile service providers, COVID-19 has been the catalyst recently for dramatic traffic growth as enterprises and consumers follow mandatory stay-at-home guidelines. Fortunately, many OTT providers have throttled their video streams to reduce the strain on the network, but this has also highlighted to service providers the importance of being prepared.
This componentization of IT is like the componentization of the applications it is tasked with securing and delivering. It's estimated that 80 to 90% of modern applications are composed of third-party components, most of which are open source. The benefits to doing so include speed, responsiveness to change (agility), and a reduction in the cost to create the software. After all, if someone else already wrote the code for a wheel, why reinvent it?
As organizations rapidly mobilize a global teams to work from home, they are considering the performance, availability, and security of their corporate applications. In recent conversations with customers and partners around the world, we interestingly see a renewed focus on some of the same application services that topped the list in 2015—load balancing, network firewall, anti-virus, and most importantly, identity and access.
As COVID-19 continues to make its impact felt on a worldwide scale, F5’s Chief Human Resources Officer Ana White and Chief Marketing & Customer Experience Officer Mika Yamamoto reflect on implementing response and readiness efforts reaching employees and communities worldwide.
“For his entire career, Sri has been on the forefront of how technology can be leveraged to make financial services and commerce more convenient, affordable, and secure,” said François Locoh-Donou, president and CEO of F5. “His background will be a major asset to F5 as we further expand the ways we connect with our customers through SaaS, cloud, and digital go-to-market efforts.”
F5 EVP Kara Sprague: One of the reasons why application-level visibility remains so elusive is because application data paths are complex. There are generally several operational silos along the data path for a single application, and even more operational silos for each of the application architectures and infrastructure environments used within any multi-cloud architecture. And where there are silos, there is limited visibility.
The COVID-19 pandemic has created a new work reality almost overnight. Globally, companies like F5 are finding new ways to reinforce flexibility and innovative collaboration as key elements of employee culture. In this article, Jay Kelley takes a closer look at the activities of the Technology Services team at F5 during the course of March 2020 to meet the changing needs of the company and its customers.
The general dominance of video and SaaS traffic today is, in part, why remote access services are being overwhelmed. In parallel, the rise of telemedicine during this pandemic is increasing and along with it, live video traffic. One way to increase capacity and improve performance for remote users is to update your remote access configuration to reflect the modern makeup of application traffic.
Essential App Protect takes the complexity and guesswork out of safeguarding applications in delivering simple, fast, and scalable cloud-based security for web apps—wherever they’re deployed. The service can be activated within minutes, giving apps out-of-the-box protection against common web exploits, malicious IPs, and coordinated attacks.
F5 Office of the CTO’s Ken Arora examines how the evolution of applications and application services interacts and harmonizes with the larger megatrend of data value extraction (as well as digital transformation), where that symbiosis is today, and finally, where it's headed in the near future.
A new reality brings new vulnerabilities. With nearly 100% of staff telecommuting, what becomes the most important link in the connectivity chain? When exponentially more customers rely on the Internet to order products, what part of an organization’s operations suddenly becomes the most critical? Of course, it’s the network.
COVID-19 and its rapid spread across the globe have, however unfortunately and unintentionally, altered perceptions around what business agility looks like, particularly in the context of the sudden shift of employees requiring access to applications and data from vastly distributed locations.
Whether you’re struggling to respond to spikes in usage, communicate effectively with a newly remote workforce, or ensure that all employees have access to the apps and systems that allow them to do their jobs, here are some simple tips to help you adapt to the new reality.
For additional background and visibility around how the company is responding to COVID-19, a copy of the recent email sent to F5, NGINX, and Shape customers worldwide from our CEO is published here as a blog post.
The latest NetDevOps survey is in and the results show promise for the state of the enterprise deployment pipeline. A community effort, the NetDevOps survey digs for details not normally found in surveys focusing on "the network."
Spurred by the coronavirus, a mass shift in teleworking has been one of the most notable ways companies like F5 are moving quickly to make sure customers are up and running. But as this shift takes hold industry-wide, complexities emerge in other areas as well.
If you think DevOps is just developers who write scripts and manage CI/CD pipelines, you'd be wrong. If you thought they were just operations who focus on the development pipeline, you'd also be wrong.
With COVID-19 prompting widespread protection and prevention efforts, how can now house-bound and remote workers stay productive, access applications located anywhere (from any location, over different devices), and keep corporate apps and data secure? Jay Kelley provides some helpful guidance in the context of F5’s access management solution, BIG-IP Access Policy Manager (APM).
If you’re an IT professional, the impact of COVID-19 presents a host of new business continuity challenges, along with its myriad interpersonal adjustments. You need to respond quickly to unprecedented changes in work schedules, remote access to applications, and spikes in networking and data demands. Any of these can result in sluggish application health and performance due to over-taxed resources—affecting your ability to serve customers as they adapt to new realities.
F5 EVP Kara Sprague: Today's organizations are trying to reconcile an extreme pace of change with rising demands—serving users who don’t always know what they want, while facing constant pressure to innovate, compete, and respond to market developments. For many of our customers, these rapidly changing dynamics have become a catalyst to embark on large-scale transformations.
Aligned with International Women's Day, Lori MacVittie takes a moment to discuss her career to date, tips for women looking to get into tech, and reasons for additional optimism on the horizon (particularly in the cloud computing space) in this Q&A with EMEA's Neil Jaques.
When organizations adopt new architectures and develop new apps, they typically don't throw away ones that already exist. While there's always some culling of the portfolio that's taking place over time, it’s generally true that apps put into service years ago using traditional architectures are still in service—providing they continue to offer business value.
When we dig into the State of Application Services each year, we don't just focus on app services. There are a plethora of trends and technologies that impact app services in general, such as new app architectures, automation, and cloud have increasingly had an impact on surrounding topics. It's necessitated a shift from delivering app services as software to software coupled to hardware, from virtual machines to the cloud and, more recently, to containers.
The benefits of migrating away from hardware-dominated environments to cloud and software-defined architectures are well known—increased scalability, operational agility and economic flexibility, to name just a few. But there is also the common misconception that in order to realize these gains, organizations are forced to make a sacrifice regarding the performance of their apps.
Lori MacVittie continues a blog series on F5 Beacon and application visibility: Most of us who've worked in an enterprise setting have at least one tale of the inability to locate an app running somewhere on the premises. Whether it's on a long-forgotten server under someone's desk or deep within the data center, long-lived enterprises are bound to have lost an app at one time or another.
F5 announced the launch of the UK and Ireland (UKI) branch of its F5 Pride Employee Inclusion Group (EIG) this week. It also hosted the company’s first pan-EMEA F5 Pride: LGBTQ+ @ Work Symposium, highlighting best practices for diversity and inclusion, as well as mapping out plans to further bolster company-wide support for LGBTQ+ staff.
[Press Release] At RSA, F5 introduced its customer-focused approach to Application Protection, bolstered by new offerings and the company’s recent acquisition of Shape Security. Informed by customer use cases, prominent industry attack practices, and threat intelligence from F5 Labs, F5’s extensive portfolio safeguards all applications without impacting the end-user experience or slowing time-to-market.
Cloud-native, while still a term with many definitions, can be thought of as a methodology and approach, not a specific technology. And the importance of firmly instilling that into your organization can’t be overstated. The priority for teams and individuals involved in digital transformation is to ensure they agree on and understand the business outcome, using it to inform technical designs/solutions.
F5 kicked off the RSA week in brilliance and style at Microsoft Security 20/20. This gala event celebrated and honored their top partners within the Microsoft Security ecosystem. It’s extremely gratifying to be recognized for the customer obsession we have at F5 with the Customer Impact Award, given security is a critical initiative and core competency for both F5 and Microsoft.
Are we just using telemetry because it sounds sexier than data? Ultimately both data and telemetry are organized bits of information. To use them interchangeably is not a crime. But the reality is that, if you want to be accurate, there is a difference. And that difference will become increasingly important as organizations march into the data economy.
While we largely have Hollywood and science fiction to thank for our popular understanding of the complex topic, put simply, one can define artificial intelligence as “teaching a computer how to mimic aspects of human intelligence.” To understand how AI and application services will work together in the future, it’s first necessary to examine three distinct types of AI: Strong, Weak, and Assistive.
A growing number of app services are becoming integral components of cloud-native architectures, and the emerging app services are almost exclusively container-native app services. (These are generally—though not always—deployed as part of the surrounding operating environment required to deliver a cloud-native application.) Lori MacVittie looks at examples of such services, as well as their increasing value to organizations.
[Press Release] F5 announced the availability of its 2020 State of Application Services report. This year’s survey showed that many organizations are starting to realize the benefits of increased scale and velocity of application deployment in their businesses. This value, however, can bring significant complexity as organizations maintain legacy infrastructure while increasingly relying on multiple public and private clouds, implement modern application architectures, and face an evolving and sophisticated threat landscape.
Distributed denial-of-service (DDoS) attacks against service providers are significantly on the rise, according to recent research. An analysis of global customer security incident data from the past three years—both mobile and landline—also found that brute force attacks, though still prevalent, are on the wane. Other prominent observed threats include compromised devices and web injection attacks.
Bart Salaets: In the service provider realm’s not-too-distant past, there was a distinct line in the sand. On the one side, networking and security teams spearheaded the evolution to an NFV architecture, with a strong focus on virtualising network and security functions. On the other side, developers enthusiastically embraced cloud platforms, DevOps methodologies, and automation via CI/CD pipelines. The edge is where they come together.
[Blog Post] Months of analyzing over 2600 responses to our State of Application Services survey have culminated in a fascinating look at the impact of digital transformation on organizations around the globe. Companies are in progress on a technological transformational journey. Four in five executives told us they are acting on digital transformation initiatives, and that those initiatives are driving adoption of cloud-native architectures and app services—with automation and security also top-of-mind.
F5 introduces NGINX Controller 3.0, a cloud-native application delivery solution to help organizations increase business agility, mitigate risk, and enhance their customers’ digital experiences. Built to unleash productivity and efficiency, the 3.x series offers the first multi-cloud, self-service platform that removes the friction between DevOps, NetOps, SecOps, and app developers.
As organizations march steadily on their journey through digital transformation, the issue of integration becomes critical. In addition to the obvious integration challenges arising from the heterogenous app portfolio of most firms, there are similar challenges arising from the heterogenous app services portfolio organizations also maintain. Lori MacVittie points to this F5/VMware integration to highlight how customers can ensure the security, scale, and performance of applications.
With applications residing on-premises, you may have an understanding of where they all are or at least how to find them if asked. But with a move to cloud-native apps and migration to cloud deployments, do you know where all your apps are across multi-cloud environments? Jonathan George explores these topics in the context of F5 Beacon, the company's app visibility and analytics SaaS solution.
F5 announced financial results for its fiscal first quarter ended December 31, 2019. Revenue of $569.3 million for the first quarter of fiscal year 2020 reflects 5% growth from $543.8 million in the first quarter of fiscal year 2019, driven by software solutions revenue growth of 50%.
The inability to verify the integrity or correctness of data should be of significant concern to those organizations pursuing digital transformation efforts (which rely heavily on data). That data will be used not only to conduct business but it also forms the basis for pattern and behavior recognition. Accordingly, it will power advanced analytics that automatically make operational and business decisions without human intervention.
F5’s Tim Wagner draws parallels between Secure Cloud Architecture and urban planning in his latest blog, pointing out key considerations, items to account for, and—crucially—questions to ask at the outset that can help bring about desired results.
François Locoh-Donou, CEO of F5: The new NGINX Controller 3.0 brings enhanced enterprise features that go beyond what both traditional and cloud-native solutions can offer. By giving customers (that span DevOps to NetOps) the ability to automate functions across deployment models and locations, we are opening up a new set of self-service capabilities that will increase agility, mitigate risk and enhance the experiences organizations are able to deliver to their customers.
Gus Robertson, SVP and GM of NGINX at F5: An app-centric approach empowers developers through self-service, but from a centralized solution that maintains control and compliance for operations teams. The key to balancing AppDev productivity with Ops compliance is shifting the center of gravity from the instance of infrastructure supporting the app to the application itself. With Controller, teams spanning DevOps, NetOps, SecOps, and AppDev can work across the application lifecycle, managing the tasks relevant to their role.
Together, F5 and Shape represent an end-to-end application security solution, reducing infrastructure complexity while protecting every aspect of the ‘code to customer’ journey against losses from online fraud, reputational damage, and disruptions to critical online services.
What sets Shape and F5 apart is F5’s ability to capture high fidelity data from our position in front of millions of mission-critical customer applications combined with the sophisticated AI-assisted analytics platform from Shape. By integrating Shape and F5, we are executing on our vision to create an advanced set of security capabilities that can handle today’s most sophisticated attacks.
API stands for Application Programming Interface. Over the years, it has evolved from a tightly coupled imperative specification to a loosely coupled declarative model. Regardless of implementation and the mode of invocation, APIs tend to be associated with app development. But another API economy has been steadily expanding. It lies within operations. And in that domain, the "A" in API stands for automation.
It’s not unusual for DevOps engineers to use cloud-native tools, open source solutions, or other inexpensive (or free) resources that don’t require significant investment or interaction with the procurement team. But what if you need to advocate for a richer IT investment to drive needed efficiencies as well as to ensure better app security and performance?
Pause for a minute and ask yourself the following questions: Do you know how many apps you have? Do you know how those apps are performing? Do you know what those apps are doing? These questions may seem very basic, but many enterprises are struggling to find answers to them. F5’s Adil Laari explores app visibility in the context of the company’s new SaaS offering, F5 Beacon.
Agility is the way of IT these days. We all strive for developers and operations to go faster, to unleash creativity, unhindered by the burdens of provisioning app infrastructure and resources. The trick is balancing our need for app delivery speed with the need to stay secure and compliant (while also incorporating microservices, distributed API-driven architectures, containers, and multi-cloud deployments).
According to the Chinese zodiac cycle, the year of the (Metal) Rat is upon us. As the first animal in the zodiac, the strong, prosperous Rat brings a year of new beginnings and opportunities. Peter Silva gives his thoughts on the months to come and what they might hold for the industry.
Today, there are many enterprise applications that organizations use to conduct business where IT has no visibility. While this type of proliferation invites risk, it is often seen as relatively harmless. That may be because executives and stakeholders aren't aware of real impacts from an inability to steward a growing portfolio of "lost and found" applications.
Application architectures have evolved several times since the early days of computing, and it is no longer optimal to rely solely on a single, known data path to insert application services. Furthermore, because many of the emerging data paths are not as suitable for a proxy-based platform, we must look to the other potential points of insertion possible to scale and secure modern applications.
The use of APIs have the potential to be transformative by enabling new business models and revenue streams. Implemented without adequate guardrails, however, APIs also have the potential to disrupt and put businesses at risk. Concluding his two-part blog series, Mark Campbell outlines steps that organizations can take to help address the industry’s present API security gaps.
Shape, a leader in fraud and abuse prevention, adds protection from automated attacks, botnets, and targeted fraud to F5’s world-class portfolio of application services, protecting customers’ digital experiences. The strategic acquisition accelerates F5’s growth momentum and more than doubles F5’s addressable market in security.
François Locoh-Donou shares a copy of the email sent to global staff announcing F5’s agreement to acquire Shape Security.
Digital transformation has significantly increased the footprint of applications. Modern app architectures are diverse in nature and extend across hybrid and multi-cloud environments, with each app service carrying a potential for compromise and increased exposure. The need to protect each app service has only become more relevant since app layer threats remain the #1 type of attack.
The transformation from monolithic applications to ecosystems of microservices has made APIs a strategic and critical element of business success. APIs are typically designed to be externally exposed and accessed by business partners, customers, and microservices. Just like web applications, though, APIs can be a doorway for unauthorized access to sensitive data. And as with many technology advances, security considerations often trail behind.
Consider this: 54% of containers live fewer than five minutes. Predictably, this leads to security topics. If you’re trying to secure access (and you should be) and trying to protect the app or API running in that container, you've got to make sure your security services are constantly adjusting policies to match the current state of the cluster. That's a lot of change going on, which means a lot of operational overhead.
For app developers, working alongside a large infrastructure-platform team can be a blessing or a curse. When that team provides infrastructure, networking, and security services in a managed, self-service model—thereby relieving developers of the toil of managing infrastructure—it's truly a blessing. But if the infrastructure team’s primary delivery is a week(s)-long backlog with a revolving door of handoffs, developers can feel cursed.
F5's Peter Silva: As each year comes to a close, tech pundits blow the dust off their crystal balls and share their predictions for the coming year. As someone who has (let's generously say) repurposed others' since 2012 rather than thinking up my own, here's what some of the smart folks I read expect to happen...including some light commentary, perspective, observations, and advice along the way.
A good way to think about how digital transformation and DevOps practices are influencing app deployment is to picture an application factory. Instead of handcrafted policies and manual review processes, network and security experts need to define reusable policies for developers to deploy with their applications as part of an automated deployment pipeline.
Digital transformation is about moving technology from business interactions to processes to new models. At first, it's about apps. But as app portfolios expand, it turns to focus on automation and orchestration. With the increase in data generation, transformation becomes the pivot point for new business opportunities.
“With great power comes great responsibility.” Acknowledging Voltaire and Churchill, the quote is best known from the Spider-Man comics, attributed to Uncle Ben. Of course, part of the line’s cultural prevalence is that it can be applied to any number of situations and topics, including TLS inspection.
For many enterprises, new working patterns need to coexist alongside applications, teams, and technologies that have taken root over time and are now firmly embedded into the fabric of IT delivery. Zach Westall takes a closer look at how F5 and BIG-IP help DevOps teams (and the groups they work with) deploy services throughout the application delivery stack in support of CI/CD practices.
The future of security rests on telemetry that is more than technical data points picked out of packets. It requires a holistic view of interactions from client to application to behavior. Machine learning requires enormous amounts of data to establish and recognize patterns. This is why programmable proxies are such a critical part of an advanced security approach.
F5 Beacon was expressly designed with the purpose of providing visibility into every app, anywhere. Atop that foundational principle, we’ve built a robust open API, intuitive UI, and enabled analytics that provide answers to some of the most common questions asked by IT and business leaders everywhere.
Principal Cloud Evangelist Tim Wagner describes a typical progression of cloud migration efforts (referencing holiday shopping and the AWS re:Invent conference along the way), as well as some of the all too common pitfalls that can trip up even the most well-meaning of IT and development teams.
Visibility remains key for organizations to secure, scale, and speed up applications. And as apps are increasingly distributed—across containers, clouds, etc.—the more widely we need to distribute the application services that provide heightened visibility to enhance performance.
Tom Atkins emphasizes some of the benefits that F5 and AWS customers realize when building, migrating, and securing their applications. Drawing on multiple examples, this blog also underscores the value that F5/AWS partnership efforts have for organizations deploying all manners of cloud environments.
Hitesh Patel & Owen Garrett publish a blog timed with this week's KubeCon, noting that: F5 believes there doesn’t need to be a conflict between community and commercial solutions. A balance can be achieved, but it requires a commitment to work together and constantly refine that balance as new challenges and innovations arrive.
One of the reasons you see NGINX and, by extension, NGINX Plus deployed so broadly is that it has many roles within modern and traditional architectures. In this blog, Lori MacVittie highlights the advantages of NGINX Plus in operating containerized workloads with the Red Hat OpenShift Container Platform.
Many organizations are still learning how to define the concept and role of Site Reliability Engineering, as well as incorporate elements of Chaos Engineering. F5’s Keiichiro Nozaki explores these topics in summarizing commentary from a recent panel discussion at NGINX Conf.
Robert Haynes highlights the "2019 State of DevOps Report" from Puppet, drawing on its contents and his professional experience to note: The advantages of shifting security left into the software lifecycle rely on shifting those DevOps behavior principles into the security teams as much as, if not more than, moving security tools into the pipelines.
F5's Office of the CTO's Renuka Nadkarni: Some attacks are merely a nuisance, degrading network performance or disrupting availability. Some others may be relatively rare but have far more serious impacts in the form of data breaches. Like the plagues spread by mice that wiped out cities in a bygone era, today’s attacks wipe out brand reputations and business value.
Admittedly, load balancing topics may not be at the top of your priority list today, but Lori MacVittie points to some interesting considerations on where the technology is going (and how it will further benefit customers) in this blog.
EVP Kara Sprague: The pressure to transform digitally has become universal. Whatever your strategy is, the trick is to deploy and manage applications in a consistent way across all your different infrastructure silos. The best way to do this—and to get visibility into your code-to-customer pathways for all your applications—is to leverage a consistent set of multi-cloud application services.
With its distributed nature, edge computing empowers service providers to offer new solutions and services that simultaneously increase revenue streams and reduce network transport costs. In other words, it’s a big deal, and it puts service providers in a unique position to shake up entire industries (including their own).
Modern application architectures like microservices increasingly rely on APIs, making them a particularly attractive target for attackers who understand the value of gaining control over these endpoints. Lori MacVittie breaks down some of the preliminary options in securing APIs.
F5 CTO Geng Lin: Organizations are taking advantage of the proliferation of digital technologies to define new business models or to improve business productivity with existing models. While the pace of digital transformation varies based on the business and the sector it is in, overall, the journey of digital transformation has three stages.
[Press Release] F5 technologies support Rakuten’s October launch of the world’s first fully virtualized, cloud-native mobile network and its future deployment of 5G. The carrier will leverage F5’s network functions virtualization (NFV) capabilities to optimize its new mobile network and accelerate its path to 5G services in 2020.
Barry Russell, VP of F5’s Global Cloud Business, delivers a Q&A interview that adds color to the Oct. 23 announcement of a Strategic Collaboration Agreement between F5 and AWS, as well as what it means for customers.
It doesn’t matter how fast you can deliver if deployment delays release. While NetOps are warming up to automation and orchestration, there are significant challenges facing their efforts to speed up deployment. DevOps is in the best position to help them do that.
All cloud journeys are unique and can be complicated, with very different objectives, strategies, and hurdles. Some organizations are just getting their feet wet and others are charging full steam ahead—expanding into multi-cloud architectures and modernizing applications to embrace automation and native services.
The company announces its quarterly results, along with earnings for fiscal year 2019, with software revenue continuing to grow.
Peter Silva: Phishing has become the number one attack vector for good reason. And what is the most active time of year for fraudulent online schemes like phishing and fraud? Essentially, right now through the holiday shopping season. (I thought it best to get your attention near the opening bell.)
[Press Release] F5 and AWS move ahead with a multi-year global Strategic Collaboration Agreement (SCA) to better allow customers to use F5 for new cloud-native application workloads and extend their existing F5 investments on AWS.
Visibility is an often-cited challenge typically referring to the ability to inspect traffic, transactions, and errors that occur during an application's execution. But there's another, perhaps more critical, meaning to visibility at the business layer: a complete inventory of the corporate application portfolio.
[Blog and Video] F5’s Maggie Miller chats with an industry analyst on the trends driving optimism in the channel, how today’s buyers are different, and advice for F5 partners in this ever-changing market.
F5 expands global footprint by deploying points of presence in additional geographic locations, making its Silverline offerings available to customers across Asia Pacific. This enhances customers' options to protect applications and web properties without upfront investments in IT infrastructure and support.
When you ask customers why they're adopting a multi-cloud approach, one of the top answers is "avoid vendor lock-in." That's been a reason for multi-vendor everything in the enterprise for twenty and more years. It should surprise no one that holds true for public cloud, as well. After all, cloud is a product as surely as a network switch or data center server.
For seven weeks in July and August, F5 partnered with Girls Who Code to host 20 high school junior and senior girls in our new downtown Seattle headquarters with two goals: teach them coding skills and prepare them for a potential career in technology. In saluting their accomplishments on the International Day of the Girl, Kara Sprague provides a retrospective blog detailing this effort tied to F5's Global Good Program.
We tend to hear 'ecosystem' and think of applications, not those that focus on the transformation of the network. Integration into both these ecosystems is important because application services continue to provide critical functions like acceleration, security, and scale. Underscoring this approach, Intel has named F5 as a 2019 Leaders Board partner in the Intel Network Builders program.
Today, "machine" also includes code running independently on devices, APIs, containers, serverless architectures, and of course VMs. Because they are software-defined, these machine types are easily created, changed, and destroyed throughout the day, every day, making software-defined machines an important part of the app development workflow. Frank Strobel explores these topics in the context of F5 and technology partner Venafi.
In the journey toward continuous IT, there's a lot of focus on security. And well there should be. Breaches abound. Vulnerabilities are discovered on a daily basis, and the patch gap doesn't seem to be getting any smaller. While one of the often-suggested solutions for more secure code is, predictably, that of scanning source code, scanning only gets you so far.
Peter Silva: While cybersecurity awareness should be a daily adventure, it is still nice to have a full month dedicated to raise awareness about the importance of cybersecurity and to ensure that all people have the information they need to be safer and more secure online.
F5 has a cloud-based solution called the F5 DNS Load Balancer Cloud Service that leverages the AWS SaaS Enablement Framework and is now available in AWS Marketplace. While load balancing has traditionally been handled on-prem quite successfully, Roger Barlow outlines the many advantages of a SaaS-based approach.
With thousands of apps in use daily, hosted in all or any combination of locations, how can organizations ensure secure, appropriate user access without requiring users to login in multiple times? Moreover, how can organizations terminate user access to each application without having to access each app individually? VP John Morgan digs into the details.
The open source movement has always focused on freedom. The freedom to choose the solution that works best for you given skills, budgets, architecture, and goals. That principle continues to be a significant factor today when it comes to building repeatable infrastructure for the deployment pipeline.
It's that time of year again when the scent of pumpkin spice is everywhere, and we reach out to solicit your input on the State of Application Services and the trends/technologies that shape them. So take a few minutes to share your perspectives, opinions, and plans—we appreciate it!
Despite education and a constant litany of reminders that security is everyone's responsibility, not only is the corporate-consumer barrier being breached on a regular basis but the most basic of security practices is being completely ignored when it comes to apps and passwords, pointing toward the still-compelling benefits of multi-factor authentication (MFA) and password complexity requirements.
[Guest blog post] To promote app delivery automation, HashiCorp Terraform enables network operations teams to treat the F5 BIG-IP platform ‘as code,’ so the network infrastructure can be provisioned automatically when new services are deployed. Consul’s central service registry and service discovery capabilities track the real-time network location and health status of all backend services.
Researchers from the University of Kansas and the Stevens Institute of Technology are focused on developing a new metrics framework for security operation centers (SOCs) that measures and validates SOC performance against enterprise network security. Peter Silva provides more detail on this project and its connection to F5.
F5 announces Unity+, an innovative channel program designed to create long-term profitable partner growth. Unity+ enhances partner opportunities and incentives, captures new revenue streams, and drives tighter collaboration to help customers through technology transformations.
Through Unity+, F5 is collaborating with our partners to better meet their business needs and serve our mutual customers with flexible licensing models, greater deal registration differentiation, and easy-to-consume sales and pre-sales technical learning paths. VP Colleen McMillan provides additional details in this blog.
Open source isn't just about code. Operations are—and should be—embracing open source solutions. To fully realize the benefits, however, operations should also actively participate in and contribute to the communities creating the configurations, templates, and best practices around its implementation.
Following the popular 2018 Application Protection Report, F5 Labs (the company's security threat intelligence research team) is introducing a portal for its Application Protection Research Series to cover longer timeframes and the big-picture threat landscape. The team is also rolling out an Education series centered on foundational concepts in information security, designed for people new to the industry or interested in exploring a particular niche.
Gus Robertson summarizes Day 1 of NGINX Conf 2019 with his top three takeaways, explaining how F5 and NGINX together are supporting the move to a world of living apps, helping entrerprises increase the velocity from code to customer, and buidling new capabilities across the entire ecosystem.
This blog summarizes Day 2 of NGINX Conf 2019 with three top takeaways: F5's commitment to the NGINX open source community, a year's worth of NGINX updates and a preview of what's to come, and customer stories about their successes with NGINX.
The combined F5 and NGINX portfolio now has two service mesh offerings to scale, secure, and provide visibility into container environments. Both enable management and visualization of Kubernetes clusters. Both offer their solution as an on-premises option, and both provide tracing and metrics that are critical to addressing the issue of visibility. So which one is right for you?
At NGINX Conf, F5 Networks (NASDAQ: FFIV) announced several new solutions designed to help DevOps, NetOps, and SecOps teams better collaborate in delivering today's applications. Accelerated NGINX development and new solutions level up customers’ app and API infrastructures.
Kara Sprague: F5 and NGINX are not just integrating to go to market in the same old way together. The fundamental inspiration behind the acquisition was the fact that there’s a ton of value we can deliver together as a combined portfolio. Jointly, we deliver solutions that span the entire application lifecycle for monolithic, three-tier, and microservices-based apps alike.
Lori MacVittie takes a humorous look at how predictions or claims that the data center is dead (or at the very least, on its death bed) have persisted since the ascendancy of cloud to the majority industry mindshare. Further, they continue to be incorrect, with one of the reasons for these inaccurate predictions being the purposeful conflation of SaaS with IaaS.
Peter Silva notes a few of the modern ways that the capabilities of our five primary senses are being recreated using sensors. Today, gadgets (and IoT technologies) are being built that work in conjunction with, enhance, or in some cases replace the traditional functions of the eyes, ears, nose, tongue, and hands.
One of the impacts of digital transformation is the desire to move at speed. Organizations want to develop and deliver apps faster. They want to adapt to unpredictable changes in business conditions faster. They want to respond to attacks faster. So, how are they going to get there?
This summer, the F5 Newsroom revisits some of our most popular Web Application Firewall content | Proxy-based WAFs are integral to application protection. They’re also a go-to solution for addressing zero-day vulnerabilities through signature updates or the use of programmatic functions to virtually patch applications. But there’s still the question of location.
At VMworld 2019 in San Francisco, F5 polled attendees at its booth to find out what their most formidable challenges were in their jobs. Focused around the functions of NetOps, DevOps, SecOps, and AppDev, this in-the-moment research reveals how various IT teams are thinking about automation, security, digital transformation, and collaboration between the separate groups.
Cloud computing has changed the way in which we go about developing, building, and deploying applications. Apps that were born in the public cloud naturally assumed many of the same dependencies and characteristics. Thus, the term “cloud-native” accurately represents the etymology of the architectural style as opposed to a specific cloud requirement.
This summer, the F5 Newsroom revisits some of our most popular Web Application Firewall content | Building on the previously delivered trio of managed rules for AWS’ native WAF, this ruleset focuses solely on protecting your APIs against existing and emerging threats, including XML external entity attacks and server-side request forgery.
Deploying applications at the speed of users can paradoxically be something of a slog. IT, DevOps, and SecOps organizations may spend hours/days/months trying to figure out ways to simplify the delivery of applications while providing the safety and security required by today's users. This blog gets into one way that F5 and technology partners are addressing the associated challenges.
As Lori MacVittie puts it, the term community is tossed about a lot these days, but NGINX Conf really is about bringing together two different communities—open source and enterprise users of NGINX. Taking place this September in Seattle, Conf is a great opportunity to share ideas and collaborate on the technical, architectural, and operational approaches customers and the surrounding industry are taking toward application delivery.
This summer, the F5 Newsroom revisits some of our most popular Web Application Firewall content | Apps today are the gateway to customer and corporate data, and traditional methods of controlling access at the network layer aren’t enough—with bad actors increasingly targeting identities and applications. So how, exactly, does a WAF mitigate all those vulnerabilities that keep cropping up like weeds in the garden?
Sensitive data should include code, and it should be protected. Code is the heart of a digital business and the delivery pipeline is increasingly considered an attack vector. By putting into place a privileged user access model, you can be more confident that both the credentials—and the user behind them—are legitimate.
With many organizations deploying dozens to hundreds of applications, their value is constantly growing, but visibility and manageability of all of these apps is no small feat. The latest release of BIG-IQ is a significant leap forward that can help NetOps, SecOps, DevOps, and application owners build, deploy, and manage apps, devices, and services more intelligently.
This summer, we revisit some of F5’s most popular WAF-related content | Moving to the cloud enables developers to circumvent traditional enterprise IT roles that are obviously needed, considering the growing number of cloud breaches. It can also enable companies to deploy systems with poorly-configured security features, not because they want to, but because individuals might not understand the consequences (or might assume a breach is unlikely).
When a pipeline (system) is designed by a team, they are able to take into consideration the pipeline as a whole rather than as its composite pieces. That is, the individual communication channels between IT domains point toward a peer process that better facilitates the design of a system that spans multiple concerns.
Europe’s leading cloud-based talent management and learning software provider needed to scale its IT operations to meet ambitious global expansion goals. With an F5 solution implemented across private cloud, data center, and Microsoft Azure environments, it was able to provide 9 million users across 130 countries software access on any device, from any location.
This summer, the F5 Newsroom revisits some of our most popular WAF content – In this blog, Lori MacVittie navigates the give-and-take between security and performance, the pitfalls of giving up one for the other, and how WAFs can help organizations deploy security strategically to prevent exploitation, detect breaches, and safeguard applications.
F5’s blog series wraps up with a quick summary of covered topics, key lessons, and overarching themes, noting the relevance of techniques you've likely used elsewhere to secure traditional apps and infrastructure. The series closes with a salient parting reminder: Customers expect security. Don’t disappoint them.
With F5, Shinsegae Internet Duty Free enhanced its online retail experience, application performance, and customer data security. Advanced WAF helped shift the focus toward automated threat protection and more proactive security measures, realizing significant benefits over traditional WAF approaches.
The F5 BIG-IP system has a powerful programmability feature called iRules, based on an extended and customized Tool Command Language (Tcl). As is the case with any programming language, developers need to understand the commands and functionality of the language in order to avoid possible vulnerabilities and other problems. This video highlights one such command and discusses the need for secure coding practices.
It's important that security teams get outside the boxes on typical architectural diagrams to really understand applications. A significant percentage of (successful) attacks are executed at the application layer. The longer we fail to recognize the unique characteristics of various types of applications, the longer those applications remain vulnerable.
This summer, the F5 Newsroom revisits some of our most popular WAF content – In this blog, Lori MacVittie calls out three web app security rules that extend AWS WAF functionality to provide protection for any app. They’re managed, which means security experts are maintaining and updating them so you can have confidence that they’re always up to date and defending against the latest threats.
The key to simplifying multi-cloud architectures is to standardize elements wherever possible. By employing tools that can be used across environments, much of this complexity is abstracted away as you move from a cloud-specific to a cloud-agnostic service portfolio.
"Link arms with your functional counterparts and strive to achieve a common set of goals. That's when you elevate the standing of marketing, the customer experience, and the company's results—which is really what it’s about."
This summer, the F5 Newsroom revisits some of our most popular Web Application Firewall content – In this blog, Brian McHenry covers how modern attacks can bypass virtually all traditional WAF detection mechanisms and explores the capabilities necessary to combat the evolving threats seen in the application security landscape.
We're moving from an expert operations economy to a commodified operations economy. Today, the operational aspects of deploying network and application service infrastructure are expected to be accessible to a broader set of roles within the organization. To get there, simplification is necessary.
Part four of F5’s blog series explains that while ‘workload’ is a fairly recent term that’s often used to describe applications, it can also refer to infrastructure services. That’s important, because there can be a variety of ‘workloads’ running in your container clusters that aren’t necessarily coming from your developers.
The third entry in F5’s container security basics blog series digs into how the orchestration layer of container security focuses on the environment responsible for the day to day operation of containers. (And by the data available today, if you’re using containers, you’re almost certainly taking advantage of Kubernetes as the orchestrator.)
Revenue of $563.4 million for the third quarter of fiscal year 2019 reflects 4% growth from $542.2 million in the third quarter of FY 2018, driven by total software solutions revenue growth of 91%, including a partial quarter contribution from NGINX.
F5 EVP Kara Sprague: If we’re going to gain a toehold toward minimizing threats so we can maximize the value of the application ecosystem, organizations need to start investing the same energy and resources into their application capital as they do with physical assets and talent.
Traditionally, there are three architectural planes associated with network infrastructure: data, control, and management. But a fourth layer—the orchestration layer—integrates with container environments and makes use of related capabilities to automate the discovery of services and instances.
F5’s blog series on container security basics continues. The CI/CD pipeline is a critical component upon which rests the speed and security of the applications it builds and delivers. Accordingly, there are two main elements of pipeline security: first, security of the pipeline itself. Second, security in the pipeline.
F5 is expanding its existing Enterprise Licensing Agreements (ELA) program to increase the value of customers’ physical and virtual infrastructures. Specifically, we’re adding ELA support for both NGINX software—building on the recent acquisition—and BIG-IP software running on F5 appliances.
When it comes to breaches involving apps and data exposure, fingers are almost always pointed at developers. But Lori MacVittie discusses why we can't blame all breachers on developers.
With 2019 crossing the halfway point, Peter Silva looks at some of the year’s notable technology trends for optimists and pessimists alike, particularly where security is concerned.
Container adoption continues to accelerate across (almost) all areas of IT. But what does container security really mean? F5's Jordan Zebor and Lori MacVittie offer their take in the first of a blog series focused on the topic.
What is Magecart? Magecart is really a term given to a group of cybercrime units. At least a dozen groups are responsible, and each have their own specialty. F5’s Peter Silva examines how it was also last year’s #1 root cause of retail, tech, and manufacturing breaches.
The focus of IT as its moving through its digital transformation should be to modernize ops - from the technology to the teams that use it to innovate and deliver value to the business. Lori MacVittie's blog touches on how silos within an organization can impede successful transformations.
When it comes to multi-cloud consistency, Lori MacVittie discusses why a failure to recognize the two different types of consistency - functional and operational - and their importance is at the root of the problem with implementation.
What's this got to time to value and applications? Everything. Because as it turns out, traditional IT is really driving to production in a serial circuit, while modern app developments is burning at all hours on a parallel one.
It seems like the whole world is encrypted. That can be a very good thing, as encryption keeps our personal info safe. But, encryption also creates security challenges, such as blind spots where hidden threats like malware and malicious payloads can lurk. Fortunately, F5 and Cisco have a solution.
Now in preview, the F5 DNS Load Balancer Cloud Service features DNS-targeted DDoS protection and highly available and responsive global server load balancing (GSLB).
Combined solution provides F5’s industry-leading availability and security services on Cisco’s SDN platform for superior layer 2-7 performance.
The reality is that unless you're a green field startup, you have both traditional and modern applications running right now. Which means you need to support both legacy and modern architectures at the same time. We’ll discuss how with the help of containers.
Peter Silva summarizes a recent report on how organizations are moving quickly to adopt the new standard of Transport Layer Security (TLS) 1.3, while addressing both operational and security concerns as a result of the transition.
With a staggering 60% of users experiencing a container security incident in the past 12 months, if you aren’t already practicing safe containerization, Lori MacVittie shares five steps to consider putting into practice.
Frank Strobel shares his thoughts on how new technologies and solutions are impacting the real world, after spending the week at the Bosch Connected World 2019 - the leading conference on IoT and digital transformation - in Berlin Germany.
New Center of Excellence in Hyderabad aims to grow and scale F5's software and cloud portfolio, to meet customer needs worldwide. Learn more about the how this office space will allow expanded and enhanced time zone coverage, along with customer service and disaster recovery capacity in support of F5's global business.
We look at the trends and changes in application services usage – across security, performance, and identity/access – from the first quarter of 2019.
F5 SVP Calvin Rowland recaps last week’s Red Hat Summit in Boston, highlighting the continued partnership between the two companies that resulted in F5 being honored with a Partner Technology Innovation Award by Red Hat.
The majority of organizations across the globe and in every industry are currently in process of digital transformation. Lori MacVittie looks at the latest trends surrounding the digital economy and supply chains to better understand how enterprises are changing how they develop apps, when they deploy apps, and with what architectures.
F5 has completed the acquisition of NGINX, an open source leader in application delivery. For additional background, read the press release and additional perspective from F5 and NGINX leadership.
Employees are often frustrated with corporate security policies and in general, most people’s primary jobs are not security related. F5 Security's Peter Silva discusses why it's important to devise security policies that work for, rather than against employees.
Mika Yamamoto joins the company in a new Chief Marketing & Customer Experience Officer position, and Geng Lin will take on the role of Chief Technology Officer.
Operations needs integration. Without it, we can't automate processes (which is what orchestration is) because processes necessarily span multiple systems, services, and devices—each of which likely has its own operational domain and toolset.
Our Bridging the Divide series continues with Robert Haynes addressing the long-standing myth within the networking and security communities; that secure software architectures are inflexible, and agile-delivered software is less secure.
We are nearly numb to breaches today because they happen with such alarming frequency. At the same time, we are so enthralled by our own brilliance in cryptography that we forget that most data at rest—tucked away inside databases—is unencrypted.
Bringing together F5 and NGINX, we will be able to satisfy the requirements for “reliability” no matter the definition. Whether that applies to the reliability of small, developer-driven deployments scaling modern applications or large deployments scaling application services and traditional apps alike, a combined portfolio will offer customers the ability to use the right tool for the right app.
Revenue of $544.9 million for the second quarter of fiscal year 2019 reflects 2% growth from $533.3 million in the second quarter of fiscal year 2018, driven by software solutions revenue growth of 30%. The combination of demand for application security and new software consumption models from F5, including Enterprise Licensing Agreements, helped drive 30% software revenue growth in the quarter.
There is a growing demand for APIs. Whether helping to fuel the digital economy by enabling mobile apps or internally pumping up productivity through automation and orchestration initiatives, APIs are everywhere.
As the world of container technology matures, so does the integration of the enterprise-class technology required to support it, encouraging traditional offerings to move in the direction of container orchestration environments like Kubernetes.
Today, both traditional and modern architectures are valid and necessary for business to succeed in delivering digital capabilities faster and more frequently and, most importantly, in the most efficient way possible to support its most valuable asset: a multi-generational portfolio of applications.
Whether it's an entire library of movies and television shows available at our fingertips or the ability to catch a ride, book a table, or find the nearest gas station, every type of organization is under pressure to address customer needs and add value digitally right now.
If you have already started automating F5 application services, you are likely familiar with using automation tools such as Ansible. To support more use cases and make application service deployment easier, F5 is releasing Application Services 3 (AS3) as part of the F5 Automation Toolchain.
Not every customer is at the same place in the journey to automation, so we’ve built F5's Automation Toolchain as a set of components that can be broken apart and used independently, then brought together as a unit when the time is right.
It's somewhat ironic that the number one application service respondents won't deploy an application without is security, and yet digging into the deployment details shows that perhaps that's not entirely true. In the cloud, at least, it seems security is being shoved to the side more often than it should be.
With consistent services and policies in the Alibaba Cloud, and across other supported cloud environments, operations teams can comfortably secure and optimize any app while providing developers the architectural flexibility to pick and choose their cloud of choice.
We've seen too many articles that pit DevOps teams and NetOps teams in opposition to each other, almost at the personal level. That’s not helpful, and this isn't one of them.
F5’s Hitesh Patel: In this environment the bar for success is no longer releasing a new product. It’s continually engaging and listening to all of the product constituents—customers, partners, F5 engineers, support staff—in a constant lifecycle of innovation and improvement.
With the general availability of GKE On-Prem (a core component of Google Cloud’s Anthos), F5 reveals its integration with this new solution, allowing its users to get one step closer to crafting a truly hybrid cloud architecture.
In recent years, there’s been a volley of sorts about data replacing oil as the world’s most valuable resource. And, as you might imagine, there is far from uniform agreement on the topic.
Back in the good old days, business could rely on the use of strategically deployed proxies to improve the performance of applications. That's because traditional applications—monoliths and three-tier architectures—generally employed a single data path between the client and the server.
Looking forward, F5 and NGINX can enable enterprises to address one of IT’s most pressing needs: fast, frequent deployments across a varied set of application architectures residing in multiple cloud properties. We believe that doing that successfully depends on NGINX remaining open source and being driven in large part by the community that built it.
F5 CEO François Locoh-Donou introduces a blog series to explore the divide that has existed between modern, open source applications developed in (and for) the cloud and the traditional, mission-critical applications that are often the last to migrate out of the enterprise data center.
DNS remains one of the least appreciated application services in existence. Its role is so important, that its failure is considered catastrophic. If every DNS system stopped answering queries, it would bring the digital economy to its knees within minutes.
Launching on AWS, new SaaS offerings provide optimized, easy-to-consume services for application developers and DevOps teams.
Venu Aravamudan, SVP & GM, F5 Cloud Services: F5 Cloud Services accelerate application delivery through a frictionless, intuitive multi-cloud platform. These SaaS solutions are optimized for cloud-native applications and microservices.
With the launch of F5 Cloud Services, Principal Product Manager Roger Barlow walks you through the specific advantages of the DNS Cloud Service, offering secondary authoritative DNS.
SVP of Business Development Calvin Rowland shares his excitement around F5’s acquisition of NGINX and looks ahead at the promise of combining technology partner ecosystems with open source efforts to benefit customers and deliver end-to-end application services.
Following up on the recent acquisition news, NGINX CEO Gus Robertson elaborates on F5's committment to the NGINX open source technology, developers, and community.
VP Trevor Rodriguez discusses his previous experiences working for a Tier 1 telecommunications company, and how they help illustrate the value that the F5 Service Provider Essentials offering provides for SP Operations teams.
Moore's Law is often expressed in terms of compute power doubling every two years. But by harnessing the power of containers and cloud, and the reliability and speed of modern networks, we don't have to wait two years to increase our ability to process data and make decisions faster.
Given the slow but steady adoption of HTTP/2 and the security challenges posed by HTTP/3, the latter is likely to face a long, uphill road to adoption for the foreseeable future.
Keiichiro Nozaki reflects on DevSecCon Singapore 2019 and the evolving roles of DevOps and Security teams, as well as the benefits of collaboration for both.
“F5’s acquisition of NGINX strengthens our growth trajectory by accelerating our software and multi-cloud transformation,” said François Locoh-Donou, President & CEO of F5.
For additional background on the March 11 announcement, F5’s CEO shares his thoughts related to the company's agreement to acquire NGINX.
Fail fast is the mantra of speed today. While the theory of this philosophy is good (for the business and for DevOps), in practice the result is often just more failure.
Partnership between F5, HPE, and Microsoft extends integration announced in September to further enable agility for customer application environments that use Azure Stack.
Team structure matters because it helps define your purpose and priorities. That, in turn, determines the metrics by which success is measured. This is significant not just because of the need to encourage a more collaborative culture, but because of the way it impacts decisions and technology choices.
Microservices and Function as a Service (FaaS) often facilitate Agile development because a relatively small team can design, develop, and then refine a service much more quickly than they can a large, monolithic application. But there's another interesting benefit of microservices and FaaS that isn't being touted as much as it should: security.
Vice President and General Manager, Service Provider, James Feger shares his thoughts on 5G, automation, IoT, and other industry topics that will be in focus during this year’s Mobile World Congress event.
For five years we've asked thousands of respondents across every role in IT and around the world a simple question: What one thing would you never deploy an application without? In other words, what's the most important thing you can provide for your applications?
By layering an F5 Advanced WAF in front of a 3scale API gateway, customers benefit from additional security measures that include the use of IP intelligence to identify threats faster and more accurately, the ability to offer a secure API façade internally or externally, and protection against a variety of application layer attacks.
New tools and services enable telecoms transitioning to 5G to optimize networks, monetize new services today, and secure their networks at every layer. F5 is also introducing a service and support plan designed specifically to meet the complex and evolving needs of service providers.
As the telecom network evolves to support 5G and a wide variety of use cases across different industry verticals, we note from the 2019 State of Application Services survey that telecom respondents are raising their technology profile as leaders.
While most of the focus of programmability is on operations today, there remains a significant amount of data path programmability that's vital to enabling consumers to interact with applications.
Function as a Service (FaaS) is quickly finding use in a variety of operational and development contexts. And while the rising star of cloud computing is often mentioned in conjunction with APIs and IoT and mobile apps, there is significant use outside development for the technology.
Keiichiro Nozaki provides his perspective on the 2019 State of Application Services, noting regional trends and themes to provide deeper visibility into the priorities of today’s organizations, as well as the technology initiatives they are pursuing.
F5 announces the availability of a joint solution with Equinix that provides automated HSM (hardware security module) capabilities as-a-service. This integration combines F5 BIG-IP and Equinix SmartKey technologies to simplify encryption key lifecycle management and provide superior security for organizations hesitant to store their ever-increasing number of keys in the public cloud.
SVP Calvin Rowland digs into a joint solution with Equinix that enables high-speed key retrieval, allowing BIG-IP to decrypt and orchestrate SSL traffic for any application regardless of its location—on-premises, private or public cloud—thereby drastically simplifying multi-cloud key management…and giving you one less thing to worry about.
The Year of the Pig is upon us! Peter Silva offers his thoughts on the coming year and what it might represent for businesses, security, and the larger industry as 2019 unfolds.
We know that just about half of the traffic on the Internet today is generated by bots. Some good, mostly bad. Operational efficiencies from automation and machine learning—usually discussed in a more positive context—are also being weaponized to perform reconnaissance probes and attacks alike.
Capital One Financial Corporation (NYSE: COF) announced that F5 CEO François Locoh-Donou has been appointed to the company's Board of Directors, effective March 1, 2019. Mr. Locoh-Donou will stand for election by Capital One stockholders in May 2019. >
The strategic importance of data can only be realized through an application. And an application can only fulfil its purpose by interacting with data. This strategic codependency can be clearly seen in this year’s State of Application Services report. >
The annual survey is given to top executives, directors, and financial analysts for identifying companies with the strongest reputations within and across industries. This is the second year in a row F5 has made the list. >
Container adoption has been a steady course to consume budget for a couple years now. What may be a surprise is the reasons behind that adoption. Spoiler alert: it isn't really about microservices. >
As DevOps has continued to press its case inside of IT, we've seen the adoption of automation and "as code" methodologies, including growing use of CI/CD tools like GitHub enterprise and Jenkins within the production pipeline. This post from Lori MacVittie and the Office of the CTO takes a closer look at Infrastructure as Code and what F5 is doing to enable and support it. >
Revenue of $543.8 million for the first quarter of fiscal year 2019 was up 4% from $523.2 million in the first quarter of fiscal year 2018. Growth compared with the first quarter of fiscal year 2018 was driven by continued momentum in software solutions, which drove year over year product revenue growth for the third consecutive quarter. >
APIs are the new CLI. Increasingly, it is through an API that infrastructure and application services are provisioned, configured, and operated. Between automation and integration into deployment pipelines, the API is a critical component that every device—hardware, software, on-premises, or cloud—must have. >
Diving into application services alone is (almost) always interesting. But delving into the applications, environments, trends, and technology that drive organizations to use an average of 16 different applications services gives us a valuable glimpse of what IT and business will look like in the next year. >
Just announced, the 2019 State of Application Services study looks at ways digital transformation is driving strategic decisions around the deployment and management of applications. The annual report reflects input from nearly 2,000 respondents globally across a range of industries, company sizes, and roles. >
Having a “Zero Trust Strategy” is a lot like having a “Cloud Strategy”; it’s pretty meaningless without the context of what you’re trying to achieve and where you are today. Global solution architect Graham Alderson identifies key topics to consider for organizations pursuing this type of approach to security. >
Five years ago, the industry was questioning the role of traditional IT – today IT organizations are embracing cloud and investing in the skills and toolsets required for automation. Cindy Borovick looks back at the industry’s progression in the context of the just released 2019 State of Application Services report. >
F5 welcomes Nick Mehta, CEO of Gainsight, Inc., and Marie E. Myers, CFO of UiPath, Inc., to its Board of Directors. Mehta and Myers bring considerable leadership backgrounds to F5’s Board, along with valuable technology expertise. >
Lori MacVittie: For as long as I can remember—which is a long time—the siren call of a single pane of glass through which to view and operate infrastructure has lured IT. Like the Holy Grail, it has never been discovered and a good many IT professionals have become cynics as to its existence. >
Lori MacVittie comments on the role of cloud and application services in the context of F5’s upcoming State of Application Services report. In all its forms—public, on-premises private, and SaaS—cloud has maintained its place of strategic importance, impacting the application services deployed, the tools and technologies used to automate and orchestrate IT, and even in the evolution of team structures inside organizations. Will this year continue the trend? >
Serverless is the rising darling of the cloud world, but it's often misunderstood and attributed with almost supernatural powers to reduce costs, speed time to value, and make you breakfast in bed. And if that wasn’t enough, it’s also frequently conflated with Function as a Service (FaaS). >
Previously available for AWS and VMware environments, BIG-IP Cloud Edition’s support for Azure gives customers another easy-to-buy, ready-to-use solution for delivering application availability, performance, visibility, and security. >
The growth of container app development incorporated into DevOps pipelines is nearing peak adoption across the app landscape, but some challenges persist. F5 declarative automation and orchestration solutions combined with ecosystem integrations are capable of delivering app services anywhere, including as Ingress into container environments. >
As the worlds of DevOps and NetOps collide and container environments subsume definitions traditionally used in the network, let’s explore the use of the often-confusing term "ingress" in terms of the data path and container environments. >
Ankita Bhalla revisits the importance of understanding the industry’s use of third-party hardware, highlighting F5’s iHealth and new Remote Attestation for TPM Chain of Custody feature as examples of how F5 helps keep you and your applications protected. >
Regional VP of Channels Lisa Citron congratulates the winners of the 2018 North America Partners of the Year Awards, recognizing the exceptional performance of strategic resellers, service providers, and distributors in providing training, solutions, and support to further extend the value of F5 technologies for customers. >
Cloud showed us a better way to onboard, provision, and operate network and application infrastructure—aspects that have been steadily pushing their way into the data centers of organizations worldwide. But the digital transformation that began with cloud is now seeping into on-premises systems to bring about something far more interesting: the breakup of the network. >
Coupled with Cisco Firepower series’ threat mitigation and performance capabilities, SSL Orchestrator performs the computationally heavy workload of decrypting traffic before distributing it to other devices in a security stack, so those same security devices are now able to cost-effectively scale. >
MAXIMUS provides critical health and human services programs to a diverse array of communities. Previously, IT infrastructure and operations weren’t scaling to meet their needs, and application deployment was a convoluted and time-consuming process. The team turned to F5 to help it migrate to AWS and automate its processes to free up resources for other projects. >
A KubeCon dispatch from F5’s Robert Haynes: One of the enabling technologies behind the adoption of platforms and working practices has been the systems that link intent to action in an automated, integrated way. Application services have to be part of this chain, and this represents a more fundamental shift than simply a change in runtimes. >
It’s important to recognize that it’s not always NetOps teams that get in the way of deploying the latest thing/app/service. Impediments to speed are often due to a failure to adopt all the premises of DevOps as organizations seek to transform IT operations. >
Keiichiro Nozaki, regional marketing architect/evangelist, recently attended the Gartner Symposium/ITxpo 2018 Asia Pacific on the Gold Coast, and asks the question: How many organizations are ready for digital transformation? >
It’s the time of year when crystal balls get a viewing and many pundits put out their annual predictions for the coming year. Peter Silva collects his picks of notable prediction lists making the rounds as 2018 comes to a close, along with brief commentary on each. >
This week sees the release of BIG-IQ 6.1, the latest evolution of F5’s management platform. Dan Schrader walks through the benefits of this new version, focusing on declarative technology for automating the delivery of network services, as well as updated security reporting and dashboards. >
SVP Kara Sprague discusses the increasingly important role of containers amidst developer scarcity in the age of Application Capital, also noting F5’s just released open beta for Aspen Mesh, a fully-supported service mesh built on Istio. >
With “machine identities,” we’re simply talking about how to ensure that an automated process can identify itself, and how other automated systems and processes grant the appropriate level of access to relevant resources. This concept is not new. What is relatively new is the scale at which it needs to be implemented. >
At KubeCon, Aspen Mesh (an innovation from F5 Networks) announced an open public beta of its fully supported and enterprise-ready service mesh built on Istio to help companies further embrace a model where applications are continuously developed and deployed. >
As the dust from the recent re:Invent conference settles, Tom Atkins reflects and takes a closer look at the most notable advances from what has been another dynamic and productive year for F5 on AWS. >
Timed to coincide with next week’s KubeCon in Seattle – one of the biggest DevOps-focused conferences of 2018 – we’re highlighting a dozen of our favorite pieces of DevOps-related content from the past year. >
Shawn Wormke from Aspen Mesh explains how service mesh is a glue that helps unite Development and Operations teams, providing one place in the stack that you can manage microservices at runtime without changes to the application or cluster. >
The stability and speed of today’s networks enable application services to act within a scalable system. Instead of a system deployed on a box, application delivery can embrace a modern, stack-based design. It can now be distributed to better take advantage of advances in technology and software, while continuing to benefit from expertise gained in previous years. >
2018 brought us larger breaches, bigger DDoS attacks, and intensifying challenges for organizations to face when defending their infrastructure from criminals. Applications were notably a primary target, and as 2019 rounds the corner, we need to be prepared for the continuous evolution of both cybercrime and security. >
Mainframes have a bad rap in IT. They are viewed as dinosaurs, when the reality is that they provide a significant source of computing power for many organizations—computing power that’s growing in use. They also have more to do with DevOps, Agile, and other modern methodologies than you might think. >
Companies developing and deploying applications in the cloud can face inefficient IT operations, scarce developer resources, rising app experience expectations from users, increasing security risks, and cloud migration challenges—just to name a few. SVP Kara Sprague digs into the role chaos plays in spurring IT innovation and how F5 solutions enhance and protect organizations’ most valuable assets: applications. >
Lori MacVittie highlights F5 Labs research on global attacks against IoT devices from January–June 2018, pointing out the sobering implications. Not only do IoT devices continue to be exploited, but they are being transformed into attack platforms, meaning attackers can better take advantage of what’s emerged as a guaranteed growth market. >
At AWS re:Invent 2018, we’re announcing the launch of F5’s Early Access Preview Program for the first of our cloud-based application services. Users now have instant trial access to DNS and Global Server Load Balancing (GSLB) services, with additional cloud-native, automated, and self-service solutions to follow. Hear more from SVP and GM of F5 Cloud Services, Venu Aravamudan. >
Modern security is a multi-vendor proposition. F5’s industry-leading Web Application Firewall solutions (such as Advanced WAF) can now be integrated with AWS Security Hub, allowing predefined alert information from blocked traffic (such as attack type, source, etc.) to be escalated to this central console for further review, alongside inputs from other security products. >
Before the start of AWS re:Invent, we’re excited to share the new Quick Start integration between F5 and AWS. F5’s Tom Atkins discusses how the service launches, configures, and runs the AWS compute, network, storage, and other services required to deploy your workloads on AWS. >
F5’s Robert Haynes looks forward to AWS re:Invent, sharing his perspectives and tips on how to avoid an ‘enthusiasm hangover’ after the conference when returning from a week’s worth of heady discussions around cloud innovation, enhanced features, and new opportunities. >
A particularly compelling advantage of applying machine learning to application security is that it focuses on constantly learning what is normal and identifying what is not. Lori MacVittie explains how layer 7 Behavioral Denial-of-Service (DoS) protection is like a flu vaccine that's capable of detecting the virus responsible based on its behavior rather than its actual composition. >
Cryptography is naturally a computationally expensive process, meaning it takes more CPU cycles to encrypt or decrypt a message than to execute business logic. For cloud deployments, these added CPU cycles have been an accepted cost because the point is to shift capital costs to operational expense. But decrypting and encrypting a message multiple times—at a non-zero cost each time—can really add up. >
In technology, simplification means abstraction, with declarative interfaces serving as a good example of that abstraction. By simplifying the interfaces used to provision, configure, manage, and integrate infrastructure today, declarative interfaces democratize infrastructure and open up opportunities for both NetOps and DevOps. >
Whether shifting existing applications or developing cloud-native solutions, there are tremendous benefits in scalability and availability gained from the Amazon Web Services (AWS) Cloud. F5 Solution Architect Greg Coward walks through a typical application deployment utilizing F5’s BIG-IP Cloud Edition to provide a centralized point of control for provisioning, configuring, and managing F5 application delivery controllers. >
It’s time again to dig into the application services organizations are actually using to make apps faster and safer. Of note this quarter again is a continuing rise in use of bot defense services, as well as growth around analytics-related services. >
Generally speaking, “ignore vulnerabilities” is not something you expect to hear from a security company. And you certainly don't see “ignore vulnerabilities” paired with the notion of “improving security.” But now you have. F5’s Lori MacVittie is kind enough to elaborate. >
To serve its diverse needs—including remote employees, citizen site visitors, police and emergency services, maintenance crews, among others—Bellevue turned to F5 for upgraded access, load balancing, and capacity, as well as a solution that would position the city well for future growth. >
With over 22 years of experience in the industry, Dias will be responsible for managing and expanding F5’s India operations. Formally joining F5 on November 12, 2018, he will be based in Bangalore and report to Adam Judd, Senior Vice President for F5 in Asia Pacific, China, and Japan. >
When approaching your production pipeline “as code,” it’s a certain bet that multiple sets of operators and developers will be responsible for it. This lies at the heart of the push for standardization—especially as NetOps takes the plunge into developing and maintaining systems to automate and orchestrate elements of the network and application service infrastructure. >
F5 reported revenue of $562.7 million for the fourth quarter of fiscal 2018, up from $538.0 million in the fourth quarter of fiscal 2017. Results were driven by continued momentum in software solutions, powering continued year over year product revenue growth. The company also delivered fiscal year revenue up 3.4% with strong operational performance. >
Just as it’s true that the application platform—the web or app server or app engine—must be provisioned first, so too must the network and application service platforms be provisioned before they can be configured. Increasingly, and especially in cloud environments, that provisioning and configuration process is driven by systems like HashiCorp's Terraform. >
So how does one flesh out a detailed digital transformation plan? First, take a quick look at the relationship between applications and your ambitions around digitalization. Then, work with partners and vendors who have been guiding the application-focused evolution of business processes for years and have delivered tangible results. >
Speculation continues around why businesses and industries formerly reluctant to officially encourage open source software use have suddenly embraced it. Most often, the legacy culprit is assumed to be a fear of legal liability. But another catalyst is the driving force of digital transformation. >
Serverless means developers don’t need to worry about infrastructure. And the business, too, sees value in its speed and efficiency. Combined with the frictionless nature of deploying code with serverless, you can be out the door with functionality in hours rather than weeks or months. >
Chief Architect Dave Schmitt and the Office of the CTO reflect on the importance of hardware security expertise in the context of the recent Bloomberg piece on Super Micro. The article also includes questions to ask your vendors to help make sure your systems are protected. >
F5 is one of an exclusive group of launch partners of AWS’ Consulting Partner Private Offers Program, giving partners extended capabilities in making F5 application services available to customers via the AWS Marketplace. >
Infrastructure, Configuration, Pipeline, Operations. Suddenly everything is “as code.” Lori MacVittie attempts to sort through the terminology and identify the different components within a continuous IT stack. >
Lori MacVittie explores how the industry has found itself with a strange hybrid of Service-Oriented and Microservice architectures that leaves many wondering where one ends and the other begins. >
An immigrant from Togo who came to the U.S. via France, François Locoh-Donou offers his perspectives on inclusion and the “business of doing good” at the 2018 Seattle Metropolitan Chamber of Commerce Annual Meeting. (GeekWire article with presentation audio) >
The F5 SVP stops by SiliconANGLE Media’s livestreaming studio during the recent Ignite conference to discuss the role of F5 application services in supporting multi-cloud environments, the company’s emphasis on security, and the impact of emerging technologies. >
When we recently polled IT ops practitioners on the ‘State of Network Automation,’ we found the market experiencing a number of challenges. Among those cited specifically by NetOps professionals was a lack of integrated tools with which to move forward with automation efforts. >
While the adoption of cloud and containers have disrupted typical network architectures, applications remain tethered to the data for which they are the primary interface. CTO Ryan Kearny explains how a cause-and-effect relationship between apps and data is critical to the future of application delivery, particularly as we find ourselves on the verge of generating more data than we can move. >
The goal of automation in almost any industry focuses on optimization and eliminating bottlenecks. In the world of IT, that typically means addressing the in-between steps of an operational process. >
We take a quick look back at this summer’s enhancements to the F5 Labs site, and how the team is improving your access to application security and threat analysis research. >
From day one of development through post-deployment, the choices we make regarding the security of the entire application stack play out with far-reaching consequences. >
For many IT groups, the pressure to migrate to public clouds is immense. An F5 collaboration simplifies applications running across Microsoft Azure Stack regions into a consolidated infrastructure for business operations. >
With support from Mayor Durkan, University of Washington, Amazon, Microsoft, and others, the Innovation Advisory Council will act as an advisor on issues and policies affecting the city around topics such as homelessness, housing, and transportation. >
The evolution of F5’s annual survey now emphasizes the application services you need rather than the platforms you use to deliver them. Learn more and participate in the survey today! >
APIs are not integration. They are a means to implement integration. And judging by the challenges seen in the industry, they aren’t enough for IT to get continuous. >
Lori MacVittie comments on a recent report from Lacework highlighting the need to reiterate one of the common core security rules: Thou Shalt Not Leave Admin Consoles Open >
Just as previous app architectures have driven responses in the network infrastructure, so are containers and microservices. Only this time the changes aren’t coming in the form of a new box. What’s happening now is the move to integrate the application services developers need into the container environment. >
During F5’s recent Agility conference in Boston, a group of industry participants from the global service provider community met to discuss and debate topics such as the role of emerging SDN infrastructures, automation, and security. >
For decades, application services have been deployed on shared platforms. But emerging application architectures such as microservices are forcing changes in the production pipeline that better map to modern deployment schedules and operational practices like infrastructure as code. >
François Locoh-Donou describes the modern application’s role in accelerating value creation, joined by customer speakers from Motorists Insurance Group and MarketAxess. >
From F5’s Office of the CTO, Lori MacVittie draws connection points between DevOps practices and F5’s new declarative interface that decreases reliance on APIs and increases the ability to implement a fully automated, continuous deployment pipeline. >
SVP Kara Sprague explores the emergence of Application Capital in the context of customer expectations, industry trends, and F5 innovations. >
Lori MacVittie explores the potential of achieving an ‘MVD’ for an application by adopting a per-app architecture for its tightly coupled app services. >
The association of a singular identity with an IP address is so tightly ingrained in our heads that we tend to apply it to other areas of technology. Even when it’s utterly ineffective. >
A veteran leader of high-performance global teams with more than 25 years of deep industry knowledge in the technology sector, Helfer to oversee sales across EMEA (Europe, Middle East, and Africa). >
Sometimes I love reading commentary from El Reg on IT and technology. Delivered with just the right amount of bite, their bark is often right on target. >
Or is that ‘tears’ of frustration? ¯\_(ツ)_/¯ Perhaps it’s both. There is a relationship between network and application architectures. >
Zach Westall explains what intelligent traffic management, orchestration, and autoscaling have to do with a good party, wrapping...>
In a more balanced world, application users would have the same level of concern for the security of their data as they do for their access to it... >
Oh yes. It’s happening. Consider making it a part of your overarching cloud strategy to make the process less painful. What do the following have in common? Salmon, Canadian... >
As a developer, my favorite editor for writing code is vim. I know, I know. But it’s fast, I can get around in it, and it isn’t emacs. (Yeah, I went... >
Perfect for development and test purposes, these instances provide true cloud-native operational flexibility with no long-term... >
There’s an old business axiom we all know that goes like this: The customer is always right. In this digital economy, it turns out that axiom has to... >
There are days when the jargon coming out of container land makes your head swim. With each new capability or feature offered by related solutions – service mesh... >
Back in 2013, we were introduced to the concept of an immutable server. An immutable server is, as the term immutable suggests, static. Its configuration is fixed and cannot (or at least should... >
F5 Labs’ Ray Pompon explores how intellectual property theft relates to your morning latte...and is also costing the U.S. $600 billion per year. >
This is the last blog in a series on the challenges arising from digital transformation. The Surprising Truth about Digital Transformation The Surprising Truth about Digital Transformation:... >
Apps introduce risk, and the apps that rely on other apps introduce even more risk – Zach Westall continues his blog series on BIG-IP Cloud Edition... >