24x7x365 access to web application firewall experts
Detailed visibility from customer portal
Customized policies with iRules
Limited in-house security expertise
No access to logs
Complex server structure
Financial services company The Motley Fool needed more responsiveness and visibility from its web application firewall and content delivery network provider. Leveraging a cloud-based web application firewall solution from F5 in conjunction with a CDN from another vendor, the company now enjoys better visibility, flexibility, and technical support.
The Motley Fool offers stock picks, investment guides, and financial news to members and non-members alike through its websites and email newsletters. “Our members are highly engaged,” says systems engineer Nick Travis, “so the sites being down eliminates time that our members would spend reading new content or interacting on our message boards, and that’s obviously bad for us.”
The Motley Fool had been using a cloud-based web application firewall (WAF) and content delivery network (CDN) solution because it didn’t have the internal resources dedicated to keeping firewall rule sets up to date and analyzing alerts as they came up. “We knew that we didn’t have anyone who could focus solely on security,” says Travis, “and we were going to fall behind if we didn’t have some expert help.”
However, the company was experiencing ongoing support problems. “We would open a ticket,” Travis says, “and they would recognize that it was a valid issue. And then it would still be open two or three months later with no progress being made.”
Travis also wanted more visibility into what was happening with the firewall. “Our previous vendor wanted to charge us to see our logs,” says Travis, “and then there were also issues of the support team not knowing the ticket history and seemingly not understanding the general scope of what we were doing.”
The Motley Fool needed to make a change and augment its existing infrastructure. “We’ve used F5 BIG-IP Local Traffic Manager (LTM) for load balancing and availability for years,” says Travis, “so we decided to look at the F5 Silverline Web Application Firewall.”
Silverline completely eclipsed our former vendor in terms of responsiveness.
The Motley Fool needed a solution that married a powerful and flexible web application firewall with a fast, full-featured content delivery network. Initially, Travis was concerned about deploying a joint solution that leveraged both F5 and another partner. “We did consider the effects of an increase in latency from a two-partner solution,” he says. “But the difference in performance was so negligible that it didn’t really have an impact on our decision.”
The company then embarked on proof-of-concept trials with several vendors, pushing some of their production traffic through each of the services. In terms of protection, all the services performed well, but the Silverline service stood out in terms of ease of management and flexibility of implementation. In addition, the level of responsiveness from the F5 Security Operations Center (SOC) was a deciding factor in the company’s choice. “We see average change response times from the SOC of five or six minutes,” says Travis, “versus upwards of an hour with some of the other services we tested.”
The company’s trial of the Silverline service with their CDN partner ran smoothly, says Travis. “The SOC has been really responsive and, honestly, I don’t remember having any problems getting set up.” After the company went live with the service, Travis and his team continued to work closely with the SOC. “They helped us adjust the rules to allow our members to communicate freely on our message boards without triggering an alert,” says Travis. “We’ve gotten to a really good place with their help.”
Our tickets are responded to and closed within a matter of minutes instead of days, weeks, or even months.
Using the cloud-based Silverline Web Application Firewall in conjunction with an integrated CDN enables The Motley Fool to leverage two market-leading solutions to secure and optimize their sites as they enjoy on-call technical expertise, detailed reporting of firewall activities, and the flexibility of the F5 iRules scripting language.
With limited security resources within the company, Travis and his team knew they needed help from a partner to reduce the complexity of managing a WAF and increase the speed to deploy new policies. With the Silverline Web Application Firewall, The Motley Fool team receives constant access to a team of experts in the SOC who proactively monitor and fine-tune WAF policies against an evolving variety of threats.
“Working with the SOC has been great,” says Travis. “They completely eclipsed our former vendor in responsiveness. Now our tickets are responded to and closed within a matter of minutes instead of days, weeks, or even months.” In addition, says Travis, “I like seeing the same names on our tickets rather than a different person every time. They also caught us a few times when we were about to make a mistake, so we definitely appreciate having that support.”
While The Motley Fool had very little visibility into the performance of their former vendor’s web application firewall, they now enjoy having access to the granular details available through the F5 customer portal. “The availability of the logs coming out of the Silverline service is definitely superior,” Travis says. He and his team use the cloud-based portal and work with the SOC to incorporate external intelligence to secure their sites against established and evolving threats.
“Especially at the beginning, I was in there daily looking through the logs for false positives,” says Travis. “Having that visibility has also helped us identify and address a few other minor issues that have come up. It even gave us the awareness to write our own iRule, which blocks a specific kind of attack before it reaches our servers.”
As long-time F5 customers, The Motley Fool team has written many iRules to customize their BIG-IP LTM product as it optimizes the availability and performance of the company’s applications. Being able to use their knowledge of the iRules scripting language in conjunction with technical support from the SOC team has supercharged the company’s use of the Silverline service.
“We have a very complex underlying set of servers,” says Travis, “and the things that we want to block or allow make the flexibility of iRules extremely important. our familiarity with iRules and what they can do makes it that much easier to get the most out of the Silverline service.”