This is part two of our three-part series on F5 BIG-IP Cloud Edition. You can find the first blog here.
Application security and mitigating risk are critical for every business. Why? Because modern applications—and the wealth of sensitive data they contain—are the lifeblood of enterprise.
Here are some fun (read: frightening) facts that illustrate what we mean:
And, as expected, the costs are even higher for larger enterprises:
These figures, while sobering in and of themselves, don’t highlight the fact that many applications—especially the mission-critical ones—have a number of cascading dependencies and connections to other apps. That means one security shortcoming, one overlooked entry point, one firewall breach, can have a serious impact on your entire application catalog—unless you do something about it. Unfortunately, many companies just aren’t.
The Application Existential Dilemma: Simply Being Introduces Risk
In our 2018 State of Application Delivery, we found that 36% of the companies we talked to plan on protecting less than a quarter of their apps. I know what you’re thinking: “That’s fine… They only need to protect the high-risk, high-value apps in their catalog.” This is simply not true; all apps introduce security holes and risk simply by existing—this is especially true for the valuable ones.
And while user apps introduce risk, the apps that other applications need to function properly and perform optimally (services) introduce even more risk because of the layers of dependencies. This dicey, all-too-common approach provides an ideal breeding ground for:
This impacts everyone (not just security teams), creating headaches for app owners, network teams, operations teams, customer service, helpdesks, incident managers, analysts, etc.
No More Group Therapy: Mitigating Risk Requires an Individualized Approach
We’ve touched on the distinct security advantage that a per-app architecture offers in a previous blog. It’s not unlike a microservices architecture, a way of developing apps which also provides a leg up on the security front. The enhanced security of a per-app approach is exhibited in four key ways:
What can be done in the current advanced threat landscape?
Beyond a per-app approach, proactive security policies and robust tools are absolutely essential. Unfortunately, the majority of existing security solutions—such as many WAF offerings—are insufficient against the current wave of sophisticated, automated attack vectors and techniques. Bots, botnets, credential stuffing attacks, and app-level DoS attacks (now the top type of security incident) are commonplace and VERY difficult to defend against.
It’s clear that for businesses to survive in today’s app-focused digital economy, they need superior application services—ones that deliver availability, performance, and security. Furthermore, they need to deploy these services in a way that helps them be more agile and secure.
F5’s BIG-IP Cloud Edition is an ideal solution to tap into the security benefits of a per-app architecture. BIG-IP Cloud Edition marries the best-of-breed F5 application services (including the most advanced web application firewall) with the deep visibility, ease-of-use, and tight control of BIG-IQ Centralized Management—right-sized and with flexible licensing that promotes business agility. And with its robust automation, your services and security expand and contract based on need, business drivers, and policies you set. Best of all, its fine-grained RBAC lets DevOps, NetOps, and SecOps work together, not against each other—helping align their (usually very different) priorities.
Be sure to check back for our third and final blog in this Cloud Edition series. We’ll explore BIG-IP Cloud Edition’s automation, analytics, and autoscaling functionality, and how they can help you to better take advantage of your public cloud investments.