New solutions give customers the protection and intelligence required to keep applications and user data secure
The company also revealed details of an enhanced Security Incident Response Team™ and threat intelligence analytics in the formal launch of F5 Labs™.
The move comes as growing concerns over privacy and security drive encrypted traffic growth, which is expected to represent 70 per cent of all internet traffic this year according to the 2016 TLS Telemetry Report1.
It also follows on from F5’s State of the Application Delivery report2, which for the first time highlighted that speed and availability were a secondary customer concern to overall application protection.
“Protecting customers and data now requires deep insight into application traffic and user behaviour. The more traffic that is encrypted with SSL, the more blind and ineffective security tools are to detecting the SSL traffic hiding malware and other malicious software,” said Ryan Kearny, CTO, F5 Networks. Sophisticated threat intelligence and response strategies paired with simplified access controls for applications and data are essential. Our new solutions, capabilities and services have been designed to holistically address the impact of emerging threats and shifts within the broader IT industry.”
New addition to F5’s security offerings include:
The Herculon™ security product line
Through the combination of F5’s standalone security offerings with its purpose-built hardware and simplified user-experience, the Herculon product range allows security administrators to deploy solutions quickly without the hindrance of security obstacles and threats. The first two entries in the Herculon portfolio include:
- Herculon SSL Orchestrator™provides better insight for the visibility gaps created by the growing use of encryption for application data. The product uses F5 hardware for SSL/TLS and enhances performance by providing leading cryptographic capabilities, context-aware dynamic service chaining, and native integrations.
- Herculon DDoS Hybrid Defender™gives customers a multi-layered defense against DDoS attacks. It integrates high-performance hardware with offsite cloud scrubbing via F5 Silverline. The time to mitigation is improved with this hybrid approach and provides comprehensive DDoS coverage through behavioural analytics, sub-second attack mitigation, and visibility into sophisticated application layer attacks.
Cloud-based application security: Silverline® WAF Express™
F5 is introducing a pre-configured, self-service offering that takes advantage of its cloud-based Silverline platform. Customers can easily select which applications WAF services are applied to, while F5 manages security policies behind the scenes to protect apps from a wide range of threats including OWASP attacks, parameter tampering, and bots. In this model, F5’s Security Operations Centre experts engage and maintain policies, including monitoring, app attack mitigation, and analytics for applications hosted in the public or private cloud, as well as the data centre
Security Incident Response Team™
The Security Incident Response Team™ (SIRT™) has been designed to identify threats and deliver an immediate response to mitigate or neutralise potentially harmful activities and protect business operations. The services team augments F5’s solution portfolio with added monitoring, analysis, post-incident reports, and recommended best practices to effectively respond to cybercrime attempts, and to help make sure that websites, applications, and users stay secure and connected. The service is available to all F5 security customers throughout the security product lifecycle.
F5 has expanded and rebranded its existing analytical capabilities by recruiting additional industry experts and researchers to gather cutting-edge global threat intelligence, analyse application threats, and publish related findings. F5 Labs provides a more visible platform to weigh in on security topics affecting the broader IT industry, with specific insights from F5’s Mike Convertino, as well as other industry CISOs and partners. F5 Labs also provides opportunities for threat-related intelligence and learnings to be incorporated into the company’s development roadmap, along with customized innovations via F5’s programmable technologies and DevCentral community.