Over the last five years, security has been a top concern of most organizations, big or small. Much of the attention of late has been focused on public cloud security as enterprises either migrate apps or build cloud-native apps. Many important apps, however, still reside in private data centers and will for the foreseeable future. As a result, enterprises must remain vigilant concerning their own infrastructure and hardware too.
A recent Bloomberg article highlighted this point by drawing increased attention to seeded supply-chain hacks, in which third parties intercept hardware during manufacture or in transit in order to tamper with it, spy on it, or otherwise compromise the data it handles.
While tampering with hardware is not typically the entry point for application attacks, it can definitely be a straightforward way to slip under the radar. In short, there is no part of a system today, from hardware to software, that is not subject to some kind of threat, which is why it is extremely important that enterprises protect their systems from every possible angle. What's more, the increasing use of third-party-manufactured subsystems over the past decade raises the likelihood of a supply-chain hack that affects hardware at the board level. Organizations are (and should be) asking: Are hardware vendors relying on their own hardware or someone else's? And what does that mean for the security of applications?
At this stage, I’ll pause to make two key points:
While F5 is headquartered in Seattle, Washington, every aspect of our hardware design and development takes place at a secure company facility across the state in Spokane. Born out of a desire to develop dedicated hardware to power our BIG-IP platform, this allows us to directly ensure the security of our hardware and protect against seeded attacks. Within the site, F5 keeps tight control over the manufacturing and test process as well, from initial design in CAD software, through printed circuit board (PCB) fabrication, and finally through printed circuit assembly (PCA), when the actual components are soldered onto the PCB.
At F5, one big step we take towards ensuring protection and privacy is that we not only own our product designs and control all aspects of testing at our contract manufacturer's facility, but F5's IT team also owns and manages the infrastructure our tests run on. To understand the value of this control over the manufacturing process, it helps to walk quickly through how our hardware is developed and manufactured. First, the design is done in CAD software, which generates Gerber data, a vector image of the board. Next, a printed circuit board (PCB) is fabricated from that data at a supplier other than our contract manufacturer. After that, the printed circuit assembly (PCA) is built, whereby the actual components (CPU, memory, ICs, transistors, etc.) are soldered onto the PCB. In addition, we use a combination of validation processes, Automated Optical Inspection (AOI) and 5DX/AXI (automated X-ray inspection), to find any issues that could affect quality and system integrity. This includes the identification of any component that is not part of the original product design under F5's control.
Greater trust and confidence in the security of hardware can be achieved through software innovation as well. One such example is our launch of a tamper detection capability, "TPM Chain of Custody." This is a feature in our hardware that ensures the firmware installed on F5 hardware was actually produced by F5 and has not been tampered with, to better protect against interdiction attacks. It works by cryptographically hashing ("measuring") the various layers of firmware at startup, recording those measurements in the Trusted Platform Module (TPM), and comparing them against the known-good values established during the F5 manufacturing process. A hash here plays the role a checksum plays for a packet, but unlike a checksum it cannot be recomputed by an attacker to hide a change. This system startup comparison is called attestation.
In our previous BIG-IP software release, BIG-IP v14.0, F5 announced TPM-based Local Attestation, an automated method that compares F5's known-good values with the values measured from the hardware and software at boot time. This means that during the BIG-IP boot sequence, local attestation automatically compares the current measurements of several software stack components with the F5-known values, giving customers high confidence that the system is an untampered version manufactured by F5. This feature relieves our customers of performing the check manually, freeing up resources and time and reducing operational overhead.
With the recently released BIG-IP v14.1, F5 has enhanced this implementation and is very pleased to announce the general availability of Remote Attestation for TPM Chain of Custody. The main differentiating feature is that F5 can now compare the current startup values of F5 firmware with the F5 known-good values by interfacing with iHealth. iHealth is controlled and secured by F5 centrally, so the comparison no longer depends on the integrity of the very device being checked, which makes it stronger than validating locally. Once the iHealth platform has checked the reported values against its records, it reports back to the BIG-IP system whether the measurements are valid, giving customers validation of the authenticity of their F5 device and helping to prevent hardware- and firmware-based attacks.
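To make the local and remote attestation flows described above concrete, here is a small added model of measured boot, written for this article and not taken from F5's BIG-IP or iHealth code. Each boot stage is hashed and extended into a simulated TPM platform configuration register (PCR); local attestation compares the final PCR with the known-good value recorded at manufacture, and remote attestation has the device sign a quote (PCR plus a verifier-supplied nonce) that a central verifier checks. The firmware stage contents, the enrolled key, the nonce, and the verdict strings are all constructed for the example; a real TPM signs quotes with an asymmetric attestation key, and the HMAC here only stands in for that signature so the example runs with the standard library.

```python
"""Illustrative measured-boot and TPM-style attestation model (not F5 code)."""
import hashlib
import hmac

PCR_SIZE = 32  # one SHA-256 PCR bank


def measure(blob: bytes) -> bytes:
    """Hash one firmware/software stage before it is handed control."""
    return hashlib.sha256(blob).digest()


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """PCR extend: new = H(old || measurement).

    The PCR can only ever be extended, never set, so a stage that is swapped
    out changes the final value no matter what runs after it.
    """
    return hashlib.sha256(pcr + measurement).digest()


def measured_boot(stages):
    """Run the boot chain; return the final PCR and the per-stage event log."""
    pcr = bytes(PCR_SIZE)
    log = []
    for name, blob in stages:
        m = measure(blob)
        log.append((name, m))
        pcr = extend(pcr, m)
    return pcr, log


def local_attest(pcr: bytes, golden_pcr: bytes) -> bool:
    """Local attestation: compare the boot-time PCR with the factory value."""
    return hmac.compare_digest(pcr, golden_pcr)


def first_divergent_stage(log, golden_log):
    """Use the event log to name the first stage whose measurement changed."""
    for (name, m), (_, golden_m) in zip(log, golden_log):
        if m != golden_m:
            return name
    return None


def make_quote(pcr: bytes, nonce: bytes, ak_key: bytes):
    """Device side of remote attestation: sign PCR || nonce with the enrolled key
    (HMAC stands in for the TPM's asymmetric attestation-key signature)."""
    quote = pcr + nonce
    return quote, hmac.new(ak_key, quote, hashlib.sha256).digest()


def remote_attest(quote: bytes, sig: bytes, expected_nonce: bytes,
                  golden_pcr: bytes, ak_key: bytes) -> str:
    """Verifier side: signature first, then freshness, then the PCR value.

    The golden value and the comparison live on the verifier, so a device
    whose firmware has been replaced cannot fabricate its own verdict.
    """
    expected_sig = hmac.new(ak_key, quote, hashlib.sha256).digest()
    if not hmac.compare_digest(expected_sig, sig):
        return "invalid: quote not signed by enrolled key"
    pcr, nonce = quote[:PCR_SIZE], quote[PCR_SIZE:]
    if nonce != expected_nonce:
        return "invalid: stale or replayed quote"
    if not hmac.compare_digest(pcr, golden_pcr):
        return "invalid: PCR mismatch"
    return "valid"


# Constructed sample stages standing in for real firmware images.
FACTORY_STAGES = [("bootloader", b"bootloader-v1"),
                  ("kernel", b"kernel-v1"),
                  ("initrd", b"initrd-v1")]
TAMPERED_STAGES = [("bootloader", b"bootloader-v1"),
                   ("kernel", b"kernel-v1-with-implant"),  # swapped stage
                   ("initrd", b"initrd-v1")]
GOLDEN_PCR, GOLDEN_LOG = measured_boot(FACTORY_STAGES)  # recorded at manufacture
AK_KEY = b"demo-key-enrolled-at-manufacture"             # constructed, not a real key


def demo():
    good_pcr, _ = measured_boot(FACTORY_STAGES)
    bad_pcr, bad_log = measured_boot(TAMPERED_STAGES)
    nonce = b"\x01" * 16  # in practice: fresh random bytes from the verifier
    print("local, factory image :", local_attest(good_pcr, GOLDEN_PCR))
    print("local, tampered image:", local_attest(bad_pcr, GOLDEN_PCR),
          "first changed stage:", first_divergent_stage(bad_log, GOLDEN_LOG))
    quote, sig = make_quote(good_pcr, nonce, AK_KEY)
    print("remote, fresh quote  :", remote_attest(quote, sig, nonce, GOLDEN_PCR, AK_KEY))
    print("remote, replayed     :", remote_attest(quote, sig, b"\x02" * 16, GOLDEN_PCR, AK_KEY))


if __name__ == "__main__":
    demo()
```

Two properties worth noticing when you run it: the tampered initrd measurement is identical to the factory one, yet the final PCR still differs, because every later extend is chained on the earlier ones; and the remote verifier rejects a correctly signed but re-used quote, which is why a fresh nonce from the verifier matters as much as the signature.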
To summarize, TPM-equipped F5 systems now include functionality to attest to and confirm the chain of custody of the device, both locally and remotely, without manual intervention. This functionality verifies that the correct F5 software is running on the BIG-IP hardware and gives our customers assurance that their hardware has not been tampered with. With F5's BIG-IP hardware, customers have one less security concern to worry about and can better focus on securing their apps and app data.
For additional information on F5’s hardware platforms, please visit https://www.f5.com/products/big-ip-services/iseries-appliance, and for information on how F5 enhances your organization’s application security, please visit https://www.f5.com/solutions/application-security.