F5 Networks Enhances Big-IP Security Platform

With F5's Web application firewall, the Application Security Manager (ASM), organizations can protect Web 2.0 applications.

Application delivery networking (ADN) specialist F5 Networks announced enhancements to its application and data security solutions, which provide customers with security strategies to prevent loss of service and data. F5's Big-IP version 11 software-along with Big-IP Application Security Manager, Access Policy Manager Global Traffic Manager (GTM) and Edge Gateway-delivers a unified platform that helps protect Web 2.0 applications and data, secure DNS infrastructures, and establish centralized application access and policy control.

With F5's Web application firewall, the Application Security Manager (ASM), organizations can protect interactive Web 2.0 applications, such as a real-time stock site that continuously updates pricing information. Big-IP ASM secures the application and displays an alert in the event of a policy violation. The alert, in the form of a blocking page, includes a support ID so the user can contact the network administrator to resolve the issue.

With the APM, administrators receive detailed information about users, applications and the network to create network and application access policies-and the solution gives them a single point of control from which to enforce those policies globally. Big-IP v11 continues to focus on F5's platform for a dynamic data center, which is designed to enable small to medium-size businesses (SMBs) to deploy high-performance, scalable services on demand while keeping applications and data secure.

The platform's management and reporting capabilities allow administrators can track information, such as who is online and when, what type of device and network they are using, and which applications and other resources they are accessing, while DNS Express offloads existing DNS servers and absorbs the flood of illegitimate requests during attacks.

"The most significant breaches of late have been through exploiting Web applications. Web application firewalls have seen great advances, but single-layer solutions are no longer enough to fend off today's sophisticated attacks," said Greg Young, research vice president at IT analytics firm Gartner. "It's vital for organizations to take a dedicated approach to security-one that protects both the network and the applications."

With v11, Big-IP GTM also integrates IP anycast, enabling queries to be received by multiple global traffic management devices that use the same IP address. This functionality provides linear performance scalability for GTM and DNS services with each F5 device that is added. ASM will be available as a virtual edition (VE), allowing administrators to test applications in virtualized and cloud environments before deploying them in production. ASM VE also automatically updates all synced pool members whenever policy changes occur.

"The latest rash of security attacks is catching many organizations by surprise because they mistakenly believe their siloed security solutions, such as network firewalls or IPS systems, offer enough protection," said Karl Triebes, CTO and senior vice president of product development at F5. "While the attacks themselves cannot be prevented, most of the security breaches that result from these attacks can unquestionably be stopped. Defending against such multilayer attacks requires an integrated approach that combines network security, application security and access control. This type of strategy will be even more critical as organizations begin to move their applications and data into the cloud."