F5 Networks announced enhancements to its application and data security solutions designed to help customers combat cyber attacks and prevent loss of service and data. F5’s new BIG-IP version 11 software along with BIG-IP Application Security Manager (ASM), BIG-IP Access Policy Manager, BIG-IP Global Traffic Manager (GTM), and BIG-IP Edge Gateway, helps protect Web applications and data, secure DNS infrastructures, and establish centralized application access and policy control.
Aiming to help customers run dynamic data center environments that are highly scalable and running at peak performance, Version 11 enhancements to BIG-IP products and associated modules provide advanced security services, including:
• Protection for Interactive Web 2.0 Applications – With F5’s web application firewall, BIG-IP Application Security Manager (ASM), organizations can protect interactive web 2.0 applications, such as a real-time stock site that continuously updates pricing information. BIG-IP ASM secures the application and displays an alert in the event of a policy violation. The alert, in the form of a unique blocking page, includes a support ID so the user can contact the network administrator to resolve the issue.
• Unified and Dynamic Access Control – With a growing number of users accessing corporate resources remotely, IT is challenged to enforce common access and security policies across a vast range of devices, locations, and applications. BIG-IP Access Policy Manager (APM) and v11 give IT managers control by providing enhanced support for endpoint inspection, multiple authentication methods, single sign-on, and external access control lists. With BIG-IP APM, administrators receive detailed information about users, applications, and the network, providing them the context they need to create network and application access policies—and the solution gives them a single point of control from which to enforce those policies globally.
• Enhanced Management and Reporting Capabilities – To provide application-level security and ensure adequate response time for users, administrators need powerful visibility and reporting tools. BIG-IP APM provides both, with its built-in and customizable reporting features and the industry’s first contextual user visibility tools. Now administrators can track information, such as who is online and when, what type of device and network they are using, and which applications and other resources they are accessing.
• Scalable DNS Infrastructure with DDoS Attack Mitigation – When DoS or DDoS attacks occur, DNS is just as vulnerable as the web application or service that is being targeted. New features in BIG-IP Global Traffic Manager (GTM) provide both capabilities. With DNS Express™, a high-speed authoritative DNS delivery solution, DNS query response performance can be improved as much as tenfold. DNS Express offloads existing DNS servers and absorbs the flood of illegitimate requests during attacks—all while supporting legitimate queries. With this significant offload capability, customers can consolidate their DNS infrastructures by up to seventy percent. With v11, BIG-IP GTM also integrates IP anycast, enabling queries to be received by multiple global traffic management devices that use the same IP address.
• Flexible Application Security Across all IT Environments – BIG-IP ASM will be available as a virtual edition (VE), providing organizations with more flexible deployment options. Using BIG-IP ASM VE, customers can test applications in virtualized and cloud environments before deploying them in production. BIG-IP ASM VE also automatically updates all synced pool members whenever policy changes occur.
“The most significant breaches of late have been through exploiting web applications. Web application firewalls have seen great advances, but single-layer solutions are no longer enough to fend off today’s sophisticated attacks,” said Greg Young, Research VP at Gartner. “It’s vital for organizations to take a dedicated approach to security—one that protects both the network and the applications.”
“The integration of F5 BIG-IP Access Policy Manager with Oracle Access Manager 11g can give customers a holistic enterprise architecture that helps simplify authentication and reduces infrastructure costs,” said Marc Boroditsky, VP of Product Management, Oracle Identity Management. “With the new version of BIG-IP, Oracle Access Manager 11g customers can also benefit from layered security services that provide additional protection for applications and data.”
BIG-IP version 11 software and virtual editions of F5’s BIG-IP Global Traffic Manager, Application Security Manager, and WAN Optimization Manager products will be available in Q3 2011.
