USE CASE

F5 and AWS: Ensure Enterprise-grade Security in the Cloud

INCLUDED IN THIS USE CASE

BIG-IP

BIG-IP Virtual Editions

BEST FOR

Network, Compliance, Access

The Challenge

Attackers are always developing newer, smarter ways to get past security measures, making the compromise of corporate and client data an ongoing concern. In 2014, over a billion personal and sensitive records were compromised—that’s around 3 million per day1. One of the most common points of attack is through your web application, using tactics like SQL injection and session token abuse. So how do you guard against these types of attacks when your applications are deployed across the public cloud, private data center, or mix of environments?

The Solution

By implementing a Web Application Firewall (WAF), you can counter attacks against your web applications, whether they’re hosted on-site or in the cloud. A WAF monitors HTTP requests and responses at the application layer. By evaluating the traffic in the context of individual user sessions, a WAF can detect and block application-layer attacks that often slip past other defenses.

A WAF also reduces downtime by allowing you to protect and virtually patch applications while the code is being fixed. Advanced systems, such as BIG-IP Application Security manager (ASM), also protect against screen scraping and layer 7 Denial of Service (DoS) attacks, while promoting Data Loss Prevention (DLP).

As your need for agility pushes your applications from the data center to the cloud and Infrastructure as a Service (IaaS) solutions, like Amazon Web Services (AWS), it’s vital that additional security measures such as WAFs migrate with your applications.

CASE STUDY

We paired F5 with AWS to build a solution that not only met the web team’s agility needs, but also fulfilled our corporate security requirements.

Read the Case Study

 

 

Benefits of F5 BIG-IP Application Security Manager

  • Protects against OWASP top 10 threats, application vulnerabilities and zero-day attacks
  • Detects sophisticated attacks before they reach your application
  • Provides rich statistics and analytics you can integrate into your reporting or alerting systems
  • Simplifies deployment by combining simple templates with powerful tools

Go Virtual with BIG-IP ASM and AWS

BIG-IP ASM is available as a Virtual Edition through the AWS Marketplace. It’s the same software available for on-premise deployment, designed to protect your AWS applications. The same settings, configurations, tools, skills and monitoring systems span environments, lowering your operational costs and improving quality.

Flexible Licensing Models:

Pay as you go gives you more flexibility and helps you reduce your overall consumption requirements without sacrificing performance or acceleration.

Annual subscriptions or Bring-Your-Own-License (BYOL) are more predictable and cost-effective options for workloads with steady-state traffic.

Volume Licensing Subscriptions (VLS) provide a cost-efficient way to purchase licenses in 1- or 3-year subscriptions.

Visit the Amazon Marketplace for a Free Trial

1 https://www.riskbasedsecurity.com/2015/02/2014-data-breaches-a-billion-exposed-records-a-new-all-time-high/

Connect with F5

F5 Labs

The latest in application threat intelligence.

DevCentral

The F5 community for discussion forums and expert articles.

F5 Newsroom

News, F5 blogs, and more.