Advanced threats require advanced solutions

F5 Miniatur
Published April 10, 2018

Since I joined F5 in January, I've had numerous conversations with customers, partners, co-workers, and developers about the issues that they face every day. One unifying theme has bound these conversations together: that a digital transformation is driving vast changes across business, manufacturing, commerce, and lifestyle. And applications are the primary vehicle driving these changes.

Modern businesses are dependent on applications and now have hundreds, if not thousands, of applications running everything from finance and HR systems to payment processing to connecting directly with customers. While this explosion of applications has greatly expanded the reach and potential of every organization, it has also, at the same time, greatly expanded the surface area for attacks. This has been borne out in recent years as we’ve seen a marked shift from attacks on infrastructure to attacks on applications – in fact F5 Labs research found that applications and identities were the target in 86% of breaches. Meanwhile, recent data from ISC2 also shows that 40% of threats are missed and 41% of incidents were disruptive in some way to the business.

Allow me to put a fine point on this: Applications have never been more important to a business and are proliferating at a rapidly increasing rate. Attackers know this and are growing increasingly sophisticated in how they attack and what they attack to achieve the greatest impact. Securing applications has never been more critical.

This is a challenge we are acutely aware of at F5. We have been instrumental for years in helping our customers extend the reach of their applications as they have moved from the data center to private clouds, public clouds, and now diverse multi-cloud environments. Our unique place in the network – sitting at the intersection of all application traffic in and out of the organization – has given us the ability to exercise full application decomposition and obtain rich visibility into context, with which we can then apply critical security capabilities, such as WAF, DDoS prevention, and access management.

With our standalone security offerings, our goal is to extend that expertise in the network, and what we know about applications, from the networking team to the security team.

Security professionals typically have the same requirements as IT teams – performance, reliability, and high availability. But they face unique pressures and specific demands, so we have customized the form factors, features, and user interface of these products in a way that enables security teams to focus on getting the information they need to know, when they need to know it, and taking necessary actions.

Today's kicks off the next phase in this journey with two big announcements:

  • The launch of F5 Advanced WAF. We are building on our industry leading WAF products with a standalone solution delivering innovative features geared toward helping customers manage the rapidly changing threat landscape. Many of the most sophisticated attacks today can evade detection in traditional WAFs. With Advanced WAF, we are introducing cutting edge protections like keystroke encryption, proactive web, mobile bot detection and defense, and application layer behavioral DoS detection and defense. Visit our new Advanced WAF page for a deeper dive into product specifications.
  • A significant update to F5 DDoS Hybrid Defender, our comprehensive solution that offers detection of, and defense against, multi-vector and volumetric DDoS attacks across network, session, and application layers while integrating offsite cloud scrubbing. We are introducing new competitive pricing and capabilities that further operationalize DDoS functionality and significantly optimize response metrics. Visit our new DDoS Hybrid Defender page for a deeper dive into product specifications.

Security should not be an impediment to digital transformation, but it will take advanced technology to defeat advanced attacks. Looking forward, you will see us bring additional standalone security offerings to market along with continuous updates to our existing solutions. We are committed to developing innovative multi-cloud solutions aimed at providing security for every application, anywhere.