F5's Office of the CTO's Renuka Nadkarni: Some attacks are merely a nuisance, degrading network performance or disrupting availability. Some others may be relatively rare but have far more serious impacts in the form of data breaches. Like the plagues spread by mice that wiped out cities in a bygone era, today’s attacks wipe out brand reputations and business value.
Admittedly, load balancing topics may not be at the top of your priority list today, but Lori MacVittie points to some interesting considerations on where the technology is going (and how it will further benefit customers) in this blog.
EVP Kara Sprague: The pressure to transform digitally has become universal. Whatever your strategy is, the trick is to deploy and manage applications in a consistent way across all your different infrastructure silos. The best way to do this—and to get visibility into your code-to-customer pathways for all your applications—is to leverage a consistent set of multi-cloud application services.
With its distributed nature, edge computing empowers service providers to offer new solutions and services that simultaneously increase revenue streams and reduce network transport costs. In other words, it’s a big deal, and it puts service providers in a unique position to shake up entire industries (including their own).
Modern application architectures like microservices increasingly rely on APIs, making them a particularly attractive target for attackers who understand the value of gaining control over these endpoints. Lori MacVittie breaks down some of the preliminary options in securing APIs.
F5 CTO Geng Lin: Organizations are taking advantage of the proliferation of digital technologies to define new business models or to improve business productivity with existing models. While the pace of digital transformation varies based on the business and the sector it is in, overall, the journey of digital transformation has three stages.
[Press Release] F5 technologies support Rakuten’s October launch of the world’s first fully virtualized, cloud-native mobile network and its future deployment of 5G. The carrier will leverage F5’s network functions virtualization (NFV) capabilities to optimize its new mobile network and accelerate its path to 5G services in 2020.
Barry Russell, VP of F5’s Global Cloud Business, delivers a Q&A interview that adds color to the Oct. 23 announcement of a Strategic Collaboration Agreement between F5 and AWS, as well as what it means for customers.
It doesn’t matter how fast you can deliver if deployment delays release. While NetOps are warming up to automation and orchestration, there are significant challenges facing their efforts to speed up deployment. DevOps is in the best position to help them do that.
All cloud journeys are unique and can be complicated, with very different objectives, strategies, and hurdles. Some organizations are just getting their feet wet and others are charging full steam ahead—expanding into multi-cloud architectures and modernizing applications to embrace automation and native services.
The company announces its quarterly results, along with earnings for fiscal year 2019, with software revenue continuing to grow.
Peter Silva: Phishing has become the number one attack vector for good reason. And what is the most active time of year for fraudulent online schemes like phishing and fraud? Essentially, right now through the holiday shopping season. (I thought it best to get your attention near the opening bell.)
[Press Release] F5 and AWS move ahead with a multi-year global Strategic Collaboration Agreement (SCA) to better allow customers to use F5 for new cloud-native application workloads and extend their existing F5 investments on AWS.
Visibility is an often-cited challenge typically referring to the ability to inspect traffic, transactions, and errors that occur during an application's execution. But there's another, perhaps more critical, meaning to visibility at the business layer: a complete inventory of the corporate application portfolio.
[Blog and Video] F5’s Maggie Miller chats with an industry analyst on the trends driving optimism in the channel, how today’s buyers are different, and advice for F5 partners in this ever-changing market.
F5 expands global footprint by deploying points of presence in additional geographic locations, making its Silverline offerings available to customers across Asia Pacific. This enhances customers' options to protect applications and web properties without upfront investments in IT infrastructure and support.
When you ask customers why they're adopting a multi-cloud approach, one of the top answers is "avoid vendor lock-in." That's been a reason for multi-vendor everything in the enterprise for twenty and more years. It should surprise no one that holds true for public cloud, as well. After all, cloud is a product as surely as a network switch or data center server.
For seven weeks in July and August, F5 partnered with Girls Who Code to host 20 high school junior and senior girls in our new downtown Seattle headquarters with two goals: teach them coding skills and prepare them for a potential career in technology. In saluting their accomplishments on the International Day of the Girl, Kara Sprague provides a retrospective blog detailing this effort tied to F5's Global Good Program.
We tend to hear 'ecosystem' and think of applications, not those that focus on the transformation of the network. Integration into both these ecosystems is important because application services continue to provide critical functions like acceleration, security, and scale. Underscoring this approach, Intel has named F5 as a 2019 Leaders Board partner in the Intel Network Builders program.
Today, "machine" also includes code running independently on devices, APIs, containers, serverless architectures, and of course VMs. Because they are software-defined, these machine types are easily created, changed, and destroyed throughout the day, every day, making software-defined machines an important part of the app development workflow. Frank Strobel explores these topics in the context of F5 and technology partner Venafi.
In the journey toward continuous IT, there's a lot of focus on security. And well there should be. Breaches abound. Vulnerabilities are discovered on a daily basis, and the patch gap doesn't seem to be getting any smaller. While one of the often-suggested solutions for more secure code is, predictably, that of scanning source code, scanning only gets you so far.
Peter Silva: While cybersecurity awareness should be a daily adventure, it is still nice to have a full month dedicated to raise awareness about the importance of cybersecurity and to ensure that all people have the information they need to be safer and more secure online.
F5 has a cloud-based solution called the F5 DNS Load Balancer Cloud Service that leverages the AWS SaaS Enablement Framework and is now available in AWS Marketplace. While load balancing has traditionally been handled on-prem quite successfully, Roger Barlow outlines the many advantages of a SaaS-based approach.
With thousands of apps in use daily, hosted in all or any combination of locations, how can organizations ensure secure, appropriate user access without requiring users to login in multiple times? Moreover, how can organizations terminate user access to each application without having to access each app individually? VP John Morgan digs into the details.
The open source movement has always focused on freedom. The freedom to choose the solution that works best for you given skills, budgets, architecture, and goals. That principle continues to be a significant factor today when it comes to building repeatable infrastructure for the deployment pipeline.
It's that time of year again when the scent of pumpkin spice is everywhere, and we reach out to solicit your input on the State of Application Services and the trends/technologies that shape them. So take a few minutes to share your perspectives, opinions, and plans—we appreciate it!
Despite education and a constant litany of reminders that security is everyone's responsibility, not only is the corporate-consumer barrier being breached on a regular basis but the most basic of security practices is being completely ignored when it comes to apps and passwords, pointing toward the still-compelling benefits of multi-factor authentication (MFA) and password complexity requirements.
[Guest blog post] To promote app delivery automation, HashiCorp Terraform enables network operations teams to treat the F5 BIG-IP platform ‘as code,’ so the network infrastructure can be provisioned automatically when new services are deployed. Consul’s central service registry and service discovery capabilities track the real-time network location and health status of all backend services.
Researchers from the University of Kansas and the Stevens Institute of Technology are focused on developing a new metrics framework for security operation centers (SOCs) that measures and validates SOC performance against enterprise network security. Peter Silva provides more detail on this project and its connection to F5.
F5 announces Unity+, an innovative channel program designed to create long-term profitable partner growth. Unity+ enhances partner opportunities and incentives, captures new revenue streams, and drives tighter collaboration to help customers through technology transformations.
Through Unity+, F5 is collaborating with our partners to better meet their business needs and serve our mutual customers with flexible licensing models, greater deal registration differentiation, and easy-to-consume sales and pre-sales technical learning paths. VP Colleen McMillan provides additional details in this blog.
Open source isn't just about code. Operations are—and should be—embracing open source solutions. To fully realize the benefits, however, operations should also actively participate in and contribute to the communities creating the configurations, templates, and best practices around its implementation.
Gus Robertson summarizes Day 1 of NGINX Conf 2019 with his top three takeaways, explaining how F5 and NGINX together are supporting the move to a world of living apps, helping entrerprises increase the velocity from code to customer, and buidling new capabilities across the entire ecosystem.
This blog summarizes Day 2 of NGINX Conf 2019 with three top takeaways: F5's commitment to the NGINX open source community, a year's worth of NGINX updates and a preview of what's to come, and customer stories about their successes with NGINX.
The combined F5 and NGINX portfolio now has two service mesh offerings to scale, secure, and provide visibility into container environments. Both enable management and visualization of Kubernetes clusters. Both offer their solution as an on-premises option, and both provide tracing and metrics that are critical to addressing the issue of visibility. So which one is right for you?
At NGINX Conf, F5 Networks (NASDAQ: FFIV) announced several new solutions designed to help DevOps, NetOps, and SecOps teams better collaborate in delivering today's applications. Accelerated NGINX development and new solutions level up customers’ app and API infrastructures.
Kara Sprague: F5 and NGINX are not just integrating to go to market in the same old way together. The fundamental inspiration behind the acquisition was the fact that there’s a ton of value we can deliver together as a combined portfolio. Jointly, we deliver solutions that span the entire application lifecycle for monolithic, three-tier, and microservices-based apps alike.
Lori MacVittie takes a humorous look at how predictions or claims that the data center is dead (or at the very least, on its death bed) have persisted since the ascendancy of cloud to the majority industry mindshare. Further, they continue to be incorrect, with one of the reasons for these inaccurate predictions being the purposeful conflation of SaaS with IaaS.
Peter Silva notes a few of the modern ways that the capabilities of our five primary senses are being recreated using sensors. Today, gadgets (and IoT technologies) are being built that work in conjunction with, enhance, or in some cases replace the traditional functions of the eyes, ears, nose, tongue, and hands.
One of the impacts of digital transformation is the desire to move at speed. Organizations want to develop and deliver apps faster. They want to adapt to unpredictable changes in business conditions faster. They want to respond to attacks faster. So, how are they going to get there?
This summer, the F5 Newsroom revisits some of our most popular Web Application Firewall content | Proxy-based WAFs are integral to application protection. They’re also a go-to solution for addressing zero-day vulnerabilities through signature updates or the use of programmatic functions to virtually patch applications. But there’s still the question of location.
At VMworld 2019 in San Francisco, F5 polled attendees at its booth to find out what their most formidable challenges were in their jobs. Focused around the functions of NetOps, DevOps, SecOps, and AppDev, this in-the-moment research reveals how various IT teams are thinking about automation, security, digital transformation, and collaboration between the separate groups.
Cloud computing has changed the way in which we go about developing, building, and deploying applications. Apps that were born in the public cloud naturally assumed many of the same dependencies and characteristics. Thus, the term “cloud-native” accurately represents the etymology of the architectural style as opposed to a specific cloud requirement.
This summer, the F5 Newsroom revisits some of our most popular Web Application Firewall content | Building on the previously delivered trio of managed rules for AWS’ native WAF, this ruleset focuses solely on protecting your APIs against existing and emerging threats, including XML external entity attacks and server-side request forgery.
Deploying applications at the speed of users can paradoxically be something of a slog. IT, DevOps, and SecOps organizations may spend hours/days/months trying to figure out ways to simplify the delivery of applications while providing the safety and security required by today's users. This blog gets into one way that F5 and technology partners are addressing the associated challenges.
As Lori MacVittie puts it, the term community is tossed about a lot these days, but NGINX Conf really is about bringing together two different communities—open source and enterprise users of NGINX. Taking place this September in Seattle, Conf is a great opportunity to share ideas and collaborate on the technical, architectural, and operational approaches customers and the surrounding industry are taking toward application delivery.
This summer, the F5 Newsroom revisits some of our most popular Web Application Firewall content | Apps today are the gateway to customer and corporate data, and traditional methods of controlling access at the network layer aren’t enough—with bad actors increasingly targeting identities and applications. So how, exactly, does a WAF mitigate all those vulnerabilities that keep cropping up like weeds in the garden?
Sensitive data should include code, and it should be protected. Code is the heart of a digital business and the delivery pipeline is increasingly considered an attack vector. By putting into place a privileged user access model, you can be more confident that both the credentials—and the user behind them—are legitimate.
With many organizations deploying dozens to hundreds of applications, their value is constantly growing, but visibility and manageability of all of these apps is no small feat. The latest release of BIG-IQ is a significant leap forward that can help NetOps, SecOps, DevOps, and application owners build, deploy, and manage apps, devices, and services more intelligently.
This summer, we revisit some of F5’s most popular WAF-related content | Moving to the cloud enables developers to circumvent traditional enterprise IT roles that are obviously needed, considering the growing number of cloud breaches. It can also enable companies to deploy systems with poorly-configured security features, not because they want to, but because individuals might not understand the consequences (or might assume a breach is unlikely).
When a pipeline (system) is designed by a team, they are able to take into consideration the pipeline as a whole rather than as its composite pieces. That is, the individual communication channels between IT domains point toward a peer process that better facilitates the design of a system that spans multiple concerns.
Europe’s leading cloud-based talent management and learning software provider needed to scale its IT operations to meet ambitious global expansion goals. With an F5 solution implemented across private cloud, data center, and Microsoft Azure environments, it was able to provide 9 million users across 130 countries software access on any device, from any location.
This summer, the F5 Newsroom revisits some of our most popular WAF content – In this blog, Lori MacVittie navigates the give-and-take between security and performance, the pitfalls of giving up one for the other, and how WAFs can help organizations deploy security strategically to prevent exploitation, detect breaches, and safeguard applications.
F5’s blog series wraps up with a quick summary of covered topics, key lessons, and overarching themes, noting the relevance of techniques you've likely used elsewhere to secure traditional apps and infrastructure. The series closes with a salient parting reminder: Customers expect security. Don’t disappoint them.
With F5, Shinsegae Internet Duty Free enhanced its online retail experience, application performance, and customer data security. Advanced WAF helped shift the focus toward automated threat protection and more proactive security measures, realizing significant benefits over traditional WAF approaches.
The F5 BIG-IP system has a powerful programmability feature called iRules, based on an extended and customized Tool Command Language (Tcl). As is the case with any programming language, developers need to understand the commands and functionality of the language in order to avoid possible vulnerabilities and other problems. This video highlights one such command and discusses the need for secure coding practices.
It's important that security teams get outside the boxes on typical architectural diagrams to really understand applications. A significant percentage of (successful) attacks are executed at the application layer. The longer we fail to recognize the unique characteristics of various types of applications, the longer those applications remain vulnerable.
This summer, the F5 Newsroom revisits some of our most popular WAF content – In this blog, Lori MacVittie calls out three web app security rules that extend AWS WAF functionality to provide protection for any app. They’re managed, which means security experts are maintaining and updating them so you can have confidence that they’re always up to date and defending against the latest threats.
The key to simplifying multi-cloud architectures is to standardize elements wherever possible. By employing tools that can be used across environments, much of this complexity is abstracted away as you move from a cloud-specific to a cloud-agnostic service portfolio.
"Link arms with your functional counterparts and strive to achieve a common set of goals. That's when you elevate the standing of marketing, the customer experience, and the company's results—which is really what it’s about."
This summer, the F5 Newsroom revisits some of our most popular Web Application Firewall content – In this blog, Brian McHenry covers how modern attacks can bypass virtually all traditional WAF detection mechanisms and explores the capabilities necessary to combat the evolving threats seen in the application security landscape.
We're moving from an expert operations economy to a commodified operations economy. Today, the operational aspects of deploying network and application service infrastructure are expected to be accessible to a broader set of roles within the organization. To get there, simplification is necessary.
Part four of F5’s blog series explains that while ‘workload’ is a fairly recent term that’s often used to describe applications, it can also refer to infrastructure services. That’s important, because there can be a variety of ‘workloads’ running in your container clusters that aren’t necessarily coming from your developers.
The third entry in F5’s container security basics blog series digs into how the orchestration layer of container security focuses on the environment responsible for the day to day operation of containers. (And by the data available today, if you’re using containers, you’re almost certainly taking advantage of Kubernetes as the orchestrator.)
Revenue of $563.4 million for the third quarter of fiscal year 2019 reflects 4% growth from $542.2 million in the third quarter of FY 2018, driven by total software solutions revenue growth of 91%, including a partial quarter contribution from NGINX.
F5 EVP Kara Sprague: If we’re going to gain a toehold toward minimizing threats so we can maximize the value of the application ecosystem, organizations need to start investing the same energy and resources into their application capital as they do with physical assets and talent.
Traditionally, there are three architectural planes associated with network infrastructure: data, control, and management. But a fourth layer—the orchestration layer—integrates with container environments and makes use of related capabilities to automate the discovery of services and instances.
F5’s blog series on container security basics continues. The CI/CD pipeline is a critical component upon which rests the speed and security of the applications it builds and delivers. Accordingly, there are two main elements of pipeline security: first, security of the pipeline itself. Second, security in the pipeline.
F5 is expanding its existing Enterprise Licensing Agreements (ELA) program to increase the value of customers’ physical and virtual infrastructures. Specifically, we’re adding ELA support for both NGINX software—building on the recent acquisition—and BIG-IP software running on F5 appliances.
When it comes to breaches involving apps and data exposure, fingers are almost always pointed at developers. But Lori MacVittie discusses why we can't blame all breachers on developers.
With 2019 crossing the halfway point, Peter Silva looks at some of the year’s notable technology trends for optimists and pessimists alike, particularly where security is concerned.
Container adoption continues to accelerate across (almost) all areas of IT. But what does container security really mean? F5's Jordan Zebor and Lori MacVittie offer their take in the first of a blog series focused on the topic.
What is Magecart? Magecart is really a term given to a group of cybercrime units. At least a dozen groups are responsible, and each have their own specialty. F5’s Peter Silva examines how it was also last year’s #1 root cause of retail, tech, and manufacturing breaches.
The focus of IT as its moving through its digital transformation should be to modernize ops - from the technology to the teams that use it to innovate and deliver value to the business. Lori MacVittie's blog touches on how silos within an organization can impede successful transformations.
When it comes to multi-cloud consistency, Lori MacVittie discusses why a failure to recognize the two different types of consistency - functional and operational - and their importance is at the root of the problem with implementation.
What's this got to time to value and applications? Everything. Because as it turns out, traditional IT is really driving to production in a serial circuit, while modern app developments is burning at all hours on a parallel one.
It seems like the whole world is encrypted. That can be a very good thing, as encryption keeps our personal info safe. But, encryption also creates security challenges, such as blind spots where hidden threats like malware and malicious payloads can lurk. Fortunately, F5 and Cisco have a solution.
Now in preview, the F5 DNS Load Balancer Cloud Service features DNS-targeted DDoS protection and highly available and responsive global server load balancing (GSLB).
Combined solution provides F5’s industry-leading availability and security services on Cisco’s SDN platform for superior layer 2-7 performance.
The reality is that unless you're a green field startup, you have both traditional and modern applications running right now. Which means you need to support both legacy and modern architectures at the same time. We’ll discuss how with the help of containers.
Peter Silva summarizes a recent report on how organizations are moving quickly to adopt the new standard of Transport Layer Security (TLS) 1.3, while addressing both operational and security concerns as a result of the transition.
With a staggering 60% of users experiencing a container security incident in the past 12 months, if you aren’t already practicing safe containerization, Lori MacVittie shares five steps to consider putting into practice.
Frank Strobel shares his thoughts on how new technologies and solutions are impacting the real world, after spending the week at the Bosch Connected World 2019 - the leading conference on IoT and digital transformation - in Berlin Germany.
New Center of Excellence in Hyderabad aims to grow and scale F5's software and cloud portfolio, to meet customer needs worldwide. Learn more about the how this office space will allow expanded and enhanced time zone coverage, along with customer service and disaster recovery capacity in support of F5's global business.
We look at the trends and changes in application services usage – across security, performance, and identity/access – from the first quarter of 2019.
F5 SVP Calvin Rowland recaps last week’s Red Hat Summit in Boston, highlighting the continued partnership between the two companies that resulted in F5 being honored with a Partner Technology Innovation Award by Red Hat.
The majority of organizations across the globe and in every industry are currently in process of digital transformation. Lori MacVittie looks at the latest trends surrounding the digital economy and supply chains to better understand how enterprises are changing how they develop apps, when they deploy apps, and with what architectures.
F5 has completed the acquisition of NGINX, an open source leader in application delivery. For additional background, read the press release and additional perspective from F5 and NGINX leadership.
Employees are often frustrated with corporate security policies and in general, most people’s primary jobs are not security related. F5 Security's Peter Silva discusses why it's important to devise security policies that work for, rather than against employees.
Mika Yamamoto joins the company in a new Chief Marketing & Customer Experience Officer position, and Geng Lin will take on the role of Chief Technology Officer.
Operations needs integration. Without it, we can't automate processes (which is what orchestration is) because processes necessarily span multiple systems, services, and devices—each of which likely has its own operational domain and toolset.
Our Bridging the Divide series continues with Robert Haynes addressing the long-standing myth within the networking and security communities; that secure software architectures are inflexible, and agile-delivered software is less secure.
We are nearly numb to breaches today because they happen with such alarming frequency. At the same time, we are so enthralled by our own brilliance in cryptography that we forget that most data at rest—tucked away inside databases—is unencrypted.
Bringing together F5 and NGINX, we will be able to satisfy the requirements for “reliability” no matter the definition. Whether that applies to the reliability of small, developer-driven deployments scaling modern applications or large deployments scaling application services and traditional apps alike, a combined portfolio will offer customers the ability to use the right tool for the right app.
Revenue of $544.9 million for the second quarter of fiscal year 2019 reflects 2% growth from $533.3 million in the second quarter of fiscal year 2018, driven by software solutions revenue growth of 30%. The combination of demand for application security and new software consumption models from F5, including Enterprise Licensing Agreements, helped drive 30% software revenue growth in the quarter.
There is a growing demand for APIs. Whether helping to fuel the digital economy by enabling mobile apps or internally pumping up productivity through automation and orchestration initiatives, APIs are everywhere.
As the world of container technology matures, so does the integration of the enterprise-class technology required to support it, encouraging traditional offerings to move in the direction of container orchestration environments like Kubernetes.
Today, both traditional and modern architectures are valid and necessary for business to succeed in delivering digital capabilities faster and more frequently and, most importantly, in the most efficient way possible to support its most valuable asset: a multi-generational portfolio of applications.
Whether it's an entire library of movies and television shows available at our fingertips or the ability to catch a ride, book a table, or find the nearest gas station, every type of organization is under pressure to address customer needs and add value digitally right now.
If you have already started automating F5 application services, you are likely familiar with using automation tools such as Ansible. To support more use cases and make application service deployment easier, F5 is releasing Application Services 3 (AS3) as part of the F5 Automation Toolchain.
Not every customer is at the same place in the journey to automation, so we’ve built F5's Automation Toolchain as a set of components that can be broken apart and used independently, then brought together as a unit when the time is right.
It's somewhat ironic that the number one application service respondents won't deploy an application without is security, and yet digging into the deployment details shows that perhaps that's not entirely true. In the cloud, at least, it seems security is being shoved to the side more often than it should be.
With consistent services and policies in the Alibaba Cloud, and across other supported cloud environments, operations teams can comfortably secure and optimize any app while providing developers the architectural flexibility to pick and choose their cloud of choice.
We've seen too many articles that pit DevOps teams and NetOps teams in opposition to each other, almost at the personal level. That’s not helpful, and this isn't one of them.
F5’s Hitesh Patel: In this environment the bar for success is no longer releasing a new product. It’s continually engaging and listening to all of the product constituents—customers, partners, F5 engineers, support staff—in a constant lifecycle of innovation and improvement.
With the general availability of GKE On-Prem (a core component of Google Cloud’s Anthos), F5 reveals its integration with this new solution, allowing its users to get one step closer to crafting a truly hybrid cloud architecture.
In recent years, there’s been a volley of sorts about data replacing oil as the world’s most valuable resource. And, as you might imagine, there is far from uniform agreement on the topic.
Back in the good old days, business could rely on the use of strategically deployed proxies to improve the performance of applications. That's because traditional applications—monoliths and three-tier architectures—generally employed a single data path between the client and the server.
Looking forward, F5 and NGINX can enable enterprises to address one of IT’s most pressing needs: fast, frequent deployments across a varied set of application architectures residing in multiple cloud properties. We believe that doing that successfully depends on NGINX remaining open source and being driven in large part by the community that built it.
F5 CEO François Locoh-Donou introduces a blog series to explore the divide that has existed between modern, open source applications developed in (and for) the cloud and the traditional, mission-critical applications that are often the last to migrate out of the enterprise data center.
DNS remains one of the least appreciated application services in existence. Its role is so important, that its failure is considered catastrophic. If every DNS system stopped answering queries, it would bring the digital economy to its knees within minutes.
Launching on AWS, new SaaS offerings provide optimized, easy-to-consume services for application developers and DevOps teams.
Venu Aravamudan, SVP & GM, F5 Cloud Services: F5 Cloud Services accelerate application delivery through a frictionless, intuitive multi-cloud platform. These SaaS solutions are optimized for cloud-native applications and microservices.
With the launch of F5 Cloud Services, Principal Product Manager Roger Barlow walks you through the specific advantages of the DNS Cloud Service, offering secondary authoritative DNS.
SVP of Business Development Calvin Rowland shares his excitement around F5’s acquisition of NGINX and looks ahead at the promise of combining technology partner ecosystems with open source efforts to benefit customers and deliver end-to-end application services.
Following up on the recent acquisition news, NGINX CEO Gus Robertson elaborates on F5's committment to the NGINX open source technology, developers, and community.
VP Trevor Rodriguez discusses his previous experiences working for a Tier 1 telecommunications company, and how they help illustrate the value that the F5 Service Provider Essentials offering provides for SP Operations teams.
Moore's Law is often expressed in terms of compute power doubling every two years. But by harnessing the power of containers and cloud, and the reliability and speed of modern networks, we don't have to wait two years to increase our ability to process data and make decisions faster.
Given the slow but steady adoption of HTTP/2 and the security challenges posed by HTTP/3, the latter is likely to face a long, uphill road to adoption for the foreseeable future.
Keiichiro Nozaki reflects on DevSecCon Singapore 2019 and the evolving roles of DevOps and Security teams, as well as the benefits of collaboration for both.
“F5’s acquisition of NGINX strengthens our growth trajectory by accelerating our software and multi-cloud transformation,” said François Locoh-Donou, President & CEO of F5.
For additional background on the March 11 announcement, F5’s CEO shares his thoughts related to the company's agreement to acquire NGINX.
Fail fast is the mantra of speed today. While the theory of this philosophy is good (for the business and for DevOps), in practice the result is often just more failure.
Partnership between F5, HPE, and Microsoft extends integration announced in September to further enable agility for customer application environments that use Azure Stack.
Team structure matters because it helps define your purpose and priorities. That, in turn, determines the metrics by which success is measured. This is significant not just because of the need to encourage a more collaborative culture, but because of the way it impacts decisions and technology choices.
Microservices and Function as a Service (FaaS) often facilitate Agile development because a relatively small team can design, develop, and then refine a service much more quickly than they can a large, monolithic application. But there's another interesting benefit of microservices and FaaS that isn't being touted as much as it should: security.
Vice President and General Manager, Service Provider, James Feger shares his thoughts on 5G, automation, IoT, and other industry topics that will be in focus during this year’s Mobile World Congress event.
For five years we've asked thousands of respondents across every role in IT and around the world a simple question: What one thing would you never deploy an application without? In other words, what's the most important thing you can provide for your applications?
By layering an F5 Advanced WAF in front of a 3scale API gateway, customers benefit from additional security measures that include the use of IP intelligence to identify threats faster and more accurately, the ability to offer a secure API façade internally or externally, and protection against a variety of application layer attacks.
New tools and services enable telecoms transitioning to 5G to optimize networks, monetize new services today, and secure their networks at every layer. F5 is also introducing a service and support plan designed specifically to meet the complex and evolving needs of service providers.
As the telecom network evolves to support 5G and a wide variety of use cases across different industry verticals, we note from the 2019 State of Application Services survey that telecom respondents are raising their technology profile as leaders.
While most of the focus of programmability is on operations today, there remains a significant amount of data path programmability that's vital to enabling consumers to interact with applications.
Function as a Service (FaaS) is quickly finding use in a variety of operational and development contexts. And while the rising star of cloud computing is often mentioned in conjunction with APIs and IoT and mobile apps, there is significant use outside development for the technology.
Keiichiro Nozaki provides his perspective on the 2019 State of Application Services, noting regional trends and themes to provide deeper visibility into the priorities of today’s organizations, as well as the technology initiatives they are pursuing.
F5 announces the availability of a joint solution with Equinix that provides automated HSM (hardware security module) capabilities as-a-service. This integration combines F5 BIG-IP and Equinix SmartKey technologies to simplify encryption key lifecycle management and provide superior security for organizations hesitant to store their ever-increasing number of keys in the public cloud.
SVP Calvin Rowland digs into a joint solution with Equinix that enables high-speed key retrieval, allowing BIG-IP to decrypt and orchestrate SSL traffic for any application regardless of its location—on-premises, private or public cloud—thereby drastically simplifying multi-cloud key management…and giving you one less thing to worry about.
The Year of the Pig is upon us! Peter Silva offers his thoughts on the coming year and what it might represent for businesses, security, and the larger industry as 2019 unfolds.
We know that just about half of the traffic on the Internet today is generated by bots. Some good, mostly bad. Operational efficiencies from automation and machine learning—usually discussed in a more positive context—are also being weaponized to perform reconnaissance probes and attacks alike.
Capital One Financial Corporation (NYSE: COF) announced that F5 CEO François Locoh-Donou has been appointed to the company's Board of Directors, effective March 1, 2019. Mr. Locoh-Donou will stand for election by Capital One stockholders in May 2019. >
The strategic importance of data can only be realized through an application. And an application can only fulfil its purpose by interacting with data. This strategic codependency can be clearly seen in this year’s State of Application Services report. >
The annual survey is given to top executives, directors, and financial analysts for identifying companies with the strongest reputations within and across industries. This is the second year in a row F5 has made the list. >
Container adoption has been a steady course to consume budget for a couple years now. What may be a surprise is the reasons behind that adoption. Spoiler alert: it isn't really about microservices. >
As DevOps has continued to press its case inside of IT, we've seen the adoption of automation and "as code" methodologies, including growing use of CI/CD tools like GitHub enterprise and Jenkins within the production pipeline. This post from Lori MacVittie and the Office of the CTO takes a closer look at Infrastructure as Code and what F5 is doing to enable and support it. >
Revenue of $543.8 million for the first quarter of fiscal year 2019 was up 4% from $523.2 million in the first quarter of fiscal year 2018. Growth compared with the first quarter of fiscal year 2018 was driven by continued momentum in software solutions, which drove year over year product revenue growth for the third consecutive quarter. >
APIs are the new CLI. Increasingly, it is through an API that infrastructure and application services are provisioned, configured, and operated. Between automation and integration into deployment pipelines, the API is a critical component that every device—hardware, software, on-premises, or cloud—must have. >
Diving into application services alone is (almost) always interesting. But delving into the applications, environments, trends, and technology that drive organizations to use an average of 16 different applications services gives us a valuable glimpse of what IT and business will look like in the next year. >
Just announced, the 2019 State of Application Services study looks at ways digital transformation is driving strategic decisions around the deployment and management of applications. The annual report reflects input from nearly 2,000 respondents globally across a range of industries, company sizes, and roles. >
Having a “Zero Trust Strategy” is a lot like having a “Cloud Strategy”; it’s pretty meaningless without the context of what you’re trying to achieve and where you are today. Global solution architect Graham Alderson identifies key topics to consider for organizations pursuing this type of approach to security. >
Five years ago, the industry was questioning the role of traditional IT – today IT organizations are embracing cloud and investing in the skills and toolsets required for automation. Cindy Borovick looks back at the industry’s progression in the context of the just released 2019 State of Application Services report. >
F5 welcomes Nick Mehta, CEO of Gainsight, Inc., and Marie E. Myers, CFO of UiPath, Inc., to its Board of Directors. Mehta and Myers bring considerable leadership backgrounds to F5’s Board, along with valuable technology expertise. >
Lori MacVittie: For as long as I can remember—which is a long time—the siren call of a single pane of glass through which to view and operate infrastructure has lured IT. Like the Holy Grail, it has never been discovered and a good many IT professionals have become cynics as to its existence. >
Lori MacVittie comments on the role of cloud and application services in the context of F5’s upcoming State of Application Services report. In all its forms—public, on-premises private, and SaaS—cloud has maintained its place of strategic importance, impacting the application services deployed, the tools and technologies used to automate and orchestrate IT, and even in the evolution of team structures inside organizations. Will this year continue the trend? >
Serverless is the rising darling of the cloud world, but it's often misunderstood and attributed with almost supernatural powers to reduce costs, speed time to value, and make you breakfast in bed. And if that wasn’t enough, it’s also frequently conflated with Function as a Service (FaaS). >
Previously available for AWS and VMware environments, BIG-IP Cloud Edition’s support for Azure gives customers another easy-to-buy, ready-to-use solution for delivering application availability, performance, visibility, and security. >
The growth of container app development incorporated into DevOps pipelines is nearing peak adoption across the app landscape, but some challenges persist. F5 declarative automation and orchestration solutions combined with ecosystem integrations are capable of delivering app services anywhere, including as Ingress into container environments. >
As the worlds of DevOps and NetOps collide and container environments subsume definitions traditionally used in the network, let’s explore the use of the often-confusing term "ingress" in terms of the data path and container environments. >
Ankita Bhalla revisits the importance of understanding the industry’s use of third-party hardware, highlighting F5’s iHealth and new Remote Attestation for TPM Chain of Custody feature as examples of how F5 helps keep you and your applications protected. >
Regional VP of Channels Lisa Citron congratulates the winners of the 2018 North America Partners of the Year Awards, recognizing the exceptional performance of strategic resellers, service providers, and distributors in providing training, solutions, and support to further extend the value of F5 technologies for customers. >
Cloud showed us a better way to onboard, provision, and operate network and application infrastructure—aspects that have been steadily pushing their way into the data centers of organizations worldwide. But the digital transformation that began with cloud is now seeping into on-premises systems to bring about something far more interesting: the breakup of the network. >
Coupled with Cisco Firepower series’ threat mitigation and performance capabilities, SSL Orchestrator performs the computationally heavy workload of decrypting traffic before distributing it to other devices in a security stack, so those same security devices are now able to cost-effectively scale. >
MAXIMUS provides critical health and human services programs to a diverse array of communities. Previously, IT infrastructure and operations weren’t scaling to meet their needs, and application deployment was a convoluted and time-consuming process. The team turned to F5 to help it migrate to AWS and automate its processes to free up resources for other projects. >
A KubeCon dispatch from F5’s Robert Haynes: One of the enabling technologies behind the adoption of platforms and working practices has been the systems that link intent to action in an automated, integrated way. Application services have to be part of this chain, and this represents a more fundamental shift than simply a change in runtimes. >
It’s important to recognize that it’s not always NetOps teams that get in the way of deploying the latest thing/app/service. Impediments to speed are often due to a failure to adopt all the premises of DevOps as organizations seek to transform IT operations. >
Keiichiro Nozaki, regional marketing architect/evangelist, recently attended the Gartner Symposium/ITxpo 2018 Asia Pacific on the Gold Coast, and asks the question: How many organizations are ready for digital transformation? >
It’s the time of year when crystal balls get a viewing and many pundits put out their annual predictions for the coming year. Peter Silva collects his picks of notable prediction lists making the rounds as 2018 comes to a close, along with brief commentary on each. >
This week sees the release of BIG-IQ 6.1, the latest evolution of F5’s management platform. Dan Schrader walks through the benefits of this new version, focusing on declarative technology for automating the delivery of network services, as well as updated security reporting and dashboards. >
SVP Kara Sprague discusses the increasingly important role of containers amidst developer scarcity in the age of Application Capital, also noting F5’s just released open beta for Aspen Mesh, a fully-supported service mesh built on Istio. >
With “machine identities,” we’re simply talking about how to ensure that an automated process can identify itself, and how other automated systems and processes grant the appropriate level of access to relevant resources. This concept is not new. What is relatively new is the scale at which it needs to be implemented. >
At KubeCon, Aspen Mesh (an innovation from F5 Networks) announced an open public beta of its fully supported and enterprise-ready service mesh built on Istio to help companies further embrace a model where applications are continuously developed and deployed. >
As the dust from the recent re:Invent conference settles, Tom Atkins reflects and takes a closer look at the most notable advances from what has been another dynamic and productive year for F5 on AWS. >
Timed to coincide with next week’s KubeCon in Seattle – one of the biggest DevOps-focused conferences of 2018 – we’re highlighting a dozen of our favorite pieces of DevOps-related content from the past year. >
Shawn Wormke from Aspen Mesh explains how service mesh is a glue that helps unite Development and Operations teams, providing one place in the stack that you can manage microservices at runtime without changes to the application or cluster. >
The stability and speed of today’s networks enable application services to act within a scalable system. Instead of a system deployed on a box, application delivery can embrace a modern, stack-based design. It can now be distributed to better take advantage of advances in technology and software, while continuing to benefit from expertise gained in previous years. >
2018 brought us larger breaches, bigger DDoS attacks, and intensifying challenges for organizations to face when defending their infrastructure from criminals. Applications were notably a primary target, and as 2019 rounds the corner, we need to be prepared for the continuous evolution of both cybercrime and security. >
Mainframes have a bad rap in IT. They are viewed as dinosaurs, when the reality is that they provide a significant source of computing power for many organizations—computing power that’s growing in use. They also have more to do with DevOps, Agile, and other modern methodologies than you might think. >
Companies developing and deploying applications in the cloud can face inefficient IT operations, scarce developer resources, rising app experience expectations from users, increasing security risks, and cloud migration challenges—just to name a few. SVP Kara Sprague digs into the role chaos plays in spurring IT innovation and how F5 solutions enhance and protect organizations’ most valuable assets: applications. >
Lori MacVittie highlights F5 Labs research on global attacks against IoT devices from January–June 2018, pointing out the sobering implications. Not only do IoT devices continue to be exploited, but they are being transformed into attack platforms, meaning attackers can better take advantage of what’s emerged as a guaranteed growth market. >
At AWS re:Invent 2018, we’re announcing the launch of F5’s Early Access Preview Program for the first of our cloud-based application services. Users now have instant trial access to DNS and Global Server Load Balancing (GSLB) services, with additional cloud-native, automated, and self-service solutions to follow. Hear more from SVP and GM of F5 Cloud Services, Venu Aravamudan. >
Modern security is a multi-vendor proposition. F5’s industry-leading Web Application Firewall solutions (such as Advanced WAF) can now be integrated with AWS Security Hub, allowing predefined alert information from blocked traffic (such as attack type, source, etc.) to be escalated to this central console for further review, alongside inputs from other security products. >
Before the start of AWS re:Invent, we’re excited to share the new Quick Start integration between F5 and AWS. F5’s Tom Atkins discusses how the service launches, configures, and runs the AWS compute, network, storage, and other services required to deploy your workloads on AWS. >
F5’s Robert Haynes looks forward to AWS re:Invent, sharing his perspectives and tips on how to avoid an ‘enthusiasm hangover’ after the conference when returning from a week’s worth of heady discussions around cloud innovation, enhanced features, and new opportunities. >
A particularly compelling advantage of applying machine learning to application security is that it focuses on constantly learning what is normal and identifying what is not. Lori MacVittie explains how layer 7 Behavioral Denial-of-Service (DoS) protection is like a flu vaccine that's capable of detecting the virus responsible based on its behavior rather than its actual composition. >
Cryptography is naturally a computationally expensive process, meaning it takes more CPU cycles to encrypt or decrypt a message than to execute business logic. For cloud deployments, these added CPU cycles have been an accepted cost because the point is to shift capital costs to operational expense. But decrypting and encrypting a message multiple times—at a non-zero cost each time—can really add up. >
In technology, simplification means abstraction, with declarative interfaces serving as a good example of that abstraction. By simplifying the interfaces used to provision, configure, manage, and integrate infrastructure today, declarative interfaces democratize infrastructure and open up opportunities for both NetOps and DevOps. >
Whether shifting existing applications or developing cloud-native solutions, there are tremendous benefits in scalability and availability gained from the Amazon Web Services (AWS) Cloud. F5 Solution Architect Greg Coward walks through a typical application deployment utilizing F5’s BIG-IP Cloud Edition to provide a centralized point of control for provisioning, configuring, and managing F5 application delivery controllers. >
It’s time again to dig into the application services organizations are actually using to make apps faster and safer. Of note this quarter again is a continuing rise in use of bot defense services, as well as growth around analytics-related services. >
Generally speaking, “ignore vulnerabilities” is not something you expect to hear from a security company. And you certainly don't see “ignore vulnerabilities” paired with the notion of “improving security.” But now you have. F5’s Lori MacVittie is kind enough to elaborate. >
To serve its diverse needs—including remote employees, citizen site visitors, police and emergency services, maintenance crews, among others—Bellevue turned to F5 for upgraded access, load balancing, and capacity, as well as a solution that would position the city well for future growth. >
With over 22 years of experience in the industry, Dias will be responsible for managing and expanding F5’s India operations. Formally joining F5 on November 12, 2018, he will be based in Bangalore and report to Adam Judd, Senior Vice President for F5 in Asia Pacific, China, and Japan. >
When approaching your production pipeline “as code,” it’s a certain bet that multiple sets of operators and developers will be responsible for it. This lies at the heart of the push for standardization—especially as NetOps takes the plunge into developing and maintaining systems to automate and orchestrate elements of the network and application service infrastructure. >
F5 reported revenue of $562.7 million for the fourth quarter of fiscal 2018, up from $538.0 million in the fourth quarter of fiscal 2017. Results were driven by continued momentum in software solutions, powering continued year over year product revenue growth. The company also delivered fiscal year revenue up 3.4% with strong operational performance. >
Just as it’s true that the application platform—the web or app server or app engine—must be provisioned first, so too must the network and application service platforms be provisioned before they can be configured. Increasingly, and especially in cloud environments, that provisioning and configuration process is driven by systems like HashiCorp's Terraform. >
So how does one flesh out a detailed digital transformation plan? First, take a quick look at the relationship between applications and your ambitions around digitalization. Then, work with partners and vendors who have been guiding the application-focused evolution of business processes for years and have delivered tangible results. >
Speculation continues around why businesses and industries formerly reluctant to officially encourage open source software use have suddenly embraced it. Most often, the legacy culprit is assumed to be a fear of legal liability. But another catalyst is the driving force of digital transformation. >
Serverless means developers don’t need to worry about infrastructure. And the business, too, sees value in its speed and efficiency. Combined with the frictionless nature of deploying code with serverless, you can be out the door with functionality in hours rather than weeks or months. >
Chief Architect Dave Schmitt and the Office of the CTO reflect on the importance of hardware security expertise in the context of the recent Bloomberg piece on Super Micro. The article also includes questions to ask your vendors to help make sure your systems are protected. >
F5 is one of an exclusive group of launch partners of AWS’ Consulting Partner Private Offers Program, giving partners extended capabilities in making F5 application services available to customers via the AWS Marketplace. >
Infrastructure, Configuration, Pipeline, Operations. Suddenly everything is “as code.” Lori MacVittie attempts to sort through the terminology and identify the different components within a continuous IT stack. >
Lori MacVittie explores how the industry has found itself with a strange hybrid of Service-Oriented and Microservice architectures that leaves many wondering where one ends and the other begins. >
An immigrant from Togo who came to the U.S. via France, François Locoh-Donou offers his perspectives on inclusion and the “business of doing good” at the 2018 Seattle Metropolitan Chamber of Commerce Annual Meeting. (GeekWire article with presentation audio) >
The F5 SVP stops by SiliconANGLE Media’s livestreaming studio during the recent Ignite conference to discuss the role of F5 application services in supporting multi-cloud environments, the company’s emphasis on security, and the impact of emerging technologies. >
When we recently polled IT ops practitioners on the ‘State of Network Automation,’ we found the market experiencing a number of challenges. Among those cited specifically by NetOps professionals was a lack of integrated tools with which to move forward with automation efforts. >
While the adoption of cloud and containers have disrupted typical network architectures, applications remain tethered to the data for which they are the primary interface. CTO Ryan Kearny explains how a cause-and-effect relationship between apps and data is critical to the future of application delivery, particularly as we find ourselves on the verge of generating more data than we can move. >
The goal of automation in almost any industry focuses on optimization and eliminating bottlenecks. In the world of IT, that typically means addressing the in-between steps of an operational process. >
We take a quick look back at this summer’s enhancements to the F5 Labs site, and how the team is improving your access to application security and threat analysis research. >
From day one of development through post-deployment, the choices we make regarding the security of the entire application stack play out with far-reaching consequences. >
For many IT groups, the pressure to migrate to public clouds is immense. An F5 collaboration simplifies applications running across Microsoft Azure Stack regions into a consolidated infrastructure for business operations. >
With support from Mayor Durkan, University of Washington, Amazon, Microsoft, and others, the Innovation Advisory Council will act as an advisor on issues and policies affecting the city around topics such as homelessness, housing, and transportation. >
The evolution of F5’s annual survey now emphasizes the application services you need rather than the platforms you use to deliver them. Learn more and participate in the survey today! >
APIs are not integration. They are a means to implement integration. And judging by the challenges seen in the industry, they aren’t enough for IT to get continuous. >
Lori MacVittie comments on a recent report from Lacework highlighting the need to reiterate one of the common core security rules: Thou Shalt Not Leave Admin Consoles Open >
Just as previous app architectures have driven responses in the network infrastructure, so are containers and microservices. Only this time the changes aren’t coming in the form of a new box. What’s happening now is the move to integrate the application services developers need into the container environment. >
During F5’s recent Agility conference in Boston, a group of industry participants from the global service provider community met to discuss and debate topics such as the role of emerging SDN infrastructures, automation, and security. >
For decades, application services have been deployed on shared platforms. But emerging application architectures such as microservices are forcing changes in the production pipeline that better map to modern deployment schedules and operational practices like infrastructure as code. >
François Locoh-Donou describes the modern application’s role in accelerating value creation, joined by customer speakers from Motorists Insurance Group and MarketAxess. >
From F5’s Office of the CTO, Lori MacVittie draws connection points between DevOps practices and F5’s new declarative interface that decreases reliance on APIs and increases the ability to implement a fully automated, continuous deployment pipeline. >
SVP Kara Sprague explores the emergence of Application Capital in the context of customer expectations, industry trends, and F5 innovations. >
Lori MacVittie explores the potential of achieving an ‘MVD’ for an application by adopting a per-app architecture for its tightly coupled app services. >
The association of a singular identity with an IP address is so tightly ingrained in our heads that we tend to apply it to other areas of technology. Even when it’s utterly ineffective. >
A veteran leader of high-performance global teams with more than 25 years of deep industry knowledge in the technology sector, Helfer to oversee sales across EMEA (Europe, Middle East, and Africa). >
Sometimes I love reading commentary from El Reg on IT and technology. Delivered with just the right amount of bite, their bark is often right on target. >
Or is that ‘tears’ of frustration? ¯\_(ツ)_/¯ Perhaps it’s both. There is a relationship between network and application architectures. >
Zach Westall explains what intelligent traffic management, orchestration, and autoscaling have to do with a good party, wrapping...>
In a more balanced world, application users would have the same level of concern for the security of their data as they do for their access to it... >
Oh yes. It’s happening. Consider making it a part of your overarching cloud strategy to make the process less painful. What do the following have in common? Salmon, Canadian... >
As a developer, my favorite editor for writing code is vim. I know, I know. But it’s fast, I can get around in it, and it isn’t emacs. (Yeah, I went... >
Perfect for development and test purposes, these instances provide true cloud-native operational flexibility with no long-term... >
There’s an old business axiom we all know that goes like this: The customer is always right. In this digital economy, it turns out that axiom has to... >
There are days when the jargon coming out of container land makes your head swim. With each new capability or feature offered by related solutions – service mesh... >
Back in 2013, we were introduced to the concept of an immutable server. An immutable server is, as the term immutable suggests, static. Its configuration is fixed and cannot (or at least should... >
F5 Labs’ Ray Pompon explores how intellectual property theft relates to your morning latte...and is also costing the U.S. $600 billion per year. >
This is the last blog in a series on the challenges arising from digital transformation. The Surprising Truth about Digital Transformation The Surprising Truth about Digital Transformation:... >
Apps introduce risk, and the apps that rely on other apps introduce even more risk – Zach Westall continues his blog series on BIG-IP Cloud Edition... >
A closer look at how F5 provides an application-centric view of the health, performance, and security of your applications and the... >
As part of the robust and expanding Ansible ecosystem, F5 provides a wide variety of Ansible modules to automate the onboarding... >
F5’s BIG-IP Cloud Edition is now released and available to order. Since you already may have read the general overview from our press release last month, I will use this blog to drill into more... >
Usually when we talk about app protection we immediately focus on web application firewalls. Specifically, we tend to focus on the OWASP Top Ten and application layer vulnerabilities that can lead... >
US-CERT TL18-106A alert underscores how insecure Internet systems really are and that ignoring the problem... >
It will be no surprise for many IT veterans to hear that when app performance becomes an issue, security is the first service out the door... >