F5 Launches Advanced WAF For Multi-Cloud App Security

Published April 10, 2018


Nathan Misner
Sr. Director of Global Communications
F5 Networks
(206) 272-7494

Holly Lancaster
WE Communications
(415) 547-7054

New offering delivers unmatched protection for all apps, with flexible consumption models to fit any deployment and management scenario

CANBERRA, AUSTRALIA – Coinciding with the ACSC conference this week, F5 Networks (NASDAQ: FFIV) is announcing its Advanced Web Application Firewall™ solution for comprehensive application protection. With industry leading security capabilities to guard against evolving application threats, F5 is adding to its growing portfolio of integrated and standalone solutions specifically designed for app security.

F5’s Advanced WAF™ supports a variety of consumption and licensing models, including a per-app basis, as well as perpetual, subscription, and utility billing options for ultimate flexibility in the cloud and the data center. This helps SecOps better collaborate with modern DevOps and NetOps teams to easily deploy app protection services in any environment that can be configured for individual applications or en masse. F5’s holistic approach to application security reduces management complexity, decreases OpEx, and efficiently delivers services to neutralize attacks.

Already a leader in the Web Application Firewall space, this new solution pushes F5 far beyond competitive products, also enhancing the company’s self-service WAF Express® and managed Silverline® WAF offerings. As examples of its differentiated functionality, F5’s Advanced WAF gives customers:

  • Superior protections against credential theft and abuse
  • The only WAF with comprehensive mitigation of web and mobile bot threats
  • Layer 7 DDoS detection using machine learning and behavioral analytics for high accuracy
  • The market’s most scalable WAF solution

“Recent research from F5 Labs revealed that applications are the initial targets in the majority of breaches, suggesting that any app can be an attack vector,” said Ram Krishnan, SVP and General Manager of the Security business unit at F5. “Cybercriminals are using sophisticated application-layer exploits, as well as an emerging wave of automated, bot, and IoT-based threats that are quite capable of evading simple signature or reputation-based detection. F5 offers the most complete application protection, with Advanced WAF as a foundational technology that can be deployed, managed, and consumed in the manner that best suits our customers.”

Industry Leading Threat Protection for Every App

In today’s economy, application health is synonymous with revenue. Beyond basic services such as protection against the OWASP Top 10, F5 now enables the same enhanced WAF capabilities in the cloud as it traditionally has in its on-premises solutions. Advanced WAF dynamically protects apps with anti-bot capabilities, stops credential theft using keystroke encryptions to guard against keyloggers, and extends app-layer DDoS detection and remediation for all apps through a combination of machine learning and behavioral analysis. For dedicated DDoS protection, F5 also offers an updated version of DDoS Hybrid Defender®, with market leading price/performance and new capabilities that operationalize DDoS functionality and significantly optimize ‘time to identify’ and ‘time to mitigate’ response metrics.

Scalable Defense to Promote Business Innovation and Agility

Advanced WAF enables F5 customers to deploy essential app security for multiple cloud platforms—private and public—while also promoting service portability through microservices and container use cases. Taking advantage of automated security policy capabilities, the solution helps organizations shorten deployment times for new apps with easy to use cloud templates for AWS, Google, and Azure environments. This approach gives companies the freedom to grow their on-premises and cloud infrastructures according to business priorities, with the confidence that their apps will be protected without being tied to any individual deployment model or particular cloud platform.

Security Expertise for Comprehensive Detection and Remediation

To further supplement its impressive product capabilities, F5 solutions are backed by an extended set of adjacent security programs and offerings. These include threat research and analysis from F5 Labs, rapid response capabilities from F5’s world-class Security Incident Response Team (SIRT), and dedicated global attack mitigation through the company’s Security Operations Center (SOC) locations. These resources provide proactive, 24x7 threat monitoring and reporting to protect organizations from pervasive threats such as malware, phishing, and web fraud. In parallel, F5 Professional Services deliver guidance on the best ways to architect, implement, maintain, and optimize security solutions for any deployment scenario.

Supporting Quotes

“F5’s WAF solution has played a crucial role in our ability to thwart a wide range of threats. We’ll continue to trust in F5 to deploy essential app security across all of our critical environments.”
Sajid Fiaz, IT Infrastructure Manager, Premier Management Company

“We are excited to expand our collaboration with F5 by offering our out-of-band DDoS detection capabilities integrated with the updated version of F5 DDoS Hybrid Defender. Together with the already existing integration into BIG-IP® Advanced Firewall Manager™, Flowmon and F5 offer our customers a best-of-breed solution for identifying and mitigating volumetric DDoS attacks.”
Petr Springl, Director of Product and Strategic Alliances, Flowmon Networks

“We’re excited about this new offering because it accommodates modern applications at scale. WhiteHat is committed to working with F5 and our customers to make sure they continue to have the best solution for testing, securing, and protecting production applications. The F5 Advanced WAF is a great addition to our integration portfolio.”
John Atkinson, Vice President of Strategic Alliances, WhiteHat Security

“We are pleased to be working with F5 on the launch of their Advanced WAF solution. Our Secure Digital Infrastructure is enabling our clients to truly embrace the promise of their multi-cloud ambitions.”
Neville Burdan, Director for Cybersecurity, Dimension Data Asia Pacific


F5 Advanced WAF and DDoS Hybrid Defender are available now, with new security features incorporated as released. Please contact a local F5 sales office for additional details and product availability information pertaining to specific countries.

About F5

F5 (NASDAQ: FFIV) makes apps go faster, smarter, and safer for the world’s largest businesses, service providers, governments, and consumer brands. F5 delivers cloud and security solutions that enable organizations to embrace the application infrastructure they choose without sacrificing speed and control. For more information, go to You can also follow @f5networks on Twitter or visit us on LinkedIn and Facebook for more information about F5, its partners, and technologies.

F5 is a trademark or service mark of F5 Networks, Inc., in the U.S. and other countries. All other product and company names herein may be trademarks of their respective owners.

# # #

This press release may contain forward looking statements relating to future events or future financial performance that involve risks and uncertainties. Such statements can be identified by terminology such as "may," "will," "should," "expects," "plans," "anticipates," "believes," "estimates," "predicts," "potential," or "continue," or the negative of such terms or comparable terms. These statements are only predictions and actual results could differ materially from those anticipated in these statements based upon a number of factors including those identified in the company's filings with the SEC.