Security Experts:

F5 Networks Expands Application Delivery, Security Products

F5 Networks expanded its Application Delivery Networking lineup with new and more powerful tools, including a new top-end VIPRION 4800 blade chassis and an advanced firewall.

The new firewall product, the Application Delivery Firewall (ADF), is a Layer 4 firewall with capabilities for traffic management, user access management, and DNS security, all in a single platform, F5 Networks said Jan. 29. The ADF will integrate with F5's denial of service protection tool, Secure Sockets Layer (SSL) termination application, and Web application firewall. With the DoS tool, the ADF can mitigate SYN-floods, and the Web application firewall can address SQL injection and cross-site scripting attacks.

F5 VIPRION 4800 PhotoRunning on the BIG-IP hardware platform, the new BIG-IP Advanced Firewall Manager will simplify data center security because administrators can take care of multiple tasks from a single management console, the company said.

"Increasingly, we're seeing organizations grapple with attacks that target applications, in addition to more conventional network and perimeter threats," Mark Vondemkamp, vice-president of Security Product Management and Marketing at F5, in a statement.

F5 products can protect organizations from large-scale attacks such as DDoS attacks by identifying malicious actions, prioritizing how requests from specific locations are handled, and focusing on addressing properly qualified requests, the company said.

Integrating network firewall functionality into BIG-IP eases the burden on IT teams who are trying to manage traffic, user access and security all at once, as the Advanced Firewall Manager uses the same management console as other F5 products, F5 said. The integrated applications provide sophisticated logging and reporting capabilities that can be customized on a per-application basis. Network, application, and security teams can easily access the security logs relevant to their tasks without having to rely on a single global logging system for all events, F5 said.

This level of granularity helps organizations and teams improve compliance and planning efforts, while streamlining the monitoring of application, network, and security events.

"Because F5 products occupy strategic points of control within the infrastructure, they're ideally situated to combine traditional application delivery with firewall capabilities and other advanced security services," Vondemkamp said.

F5 Networks also added three new series to its core BIG-IP application delivery hardware products, and enhanced throughput of its virtual version to 3Gbps, the company said Jan. 29. The new 2000 series ADC replaces the 1600 series and is intended to be an entry-level model. The new 4000s and 10200v platforms target the mid-market and the higher-end of the market, the company said.

The company's new top-end VIPRION 4800 blade chassis is designed for demanding enterprises and service provider environments, and can be configured to provide up to 16 40Gb Ethernet ports, F5 said. The 4800 can manage up to 8 million connections per second, 288 million concurrent sessions, and 640 Gbps of total throughput, which is effectively double the capabilities of the older VIPRION 4480.

The enhancements to BIG-IP Application Security Manager include support for applications written with the Google Web Toolkit and better detection and mitigation capabilities for clickjacking. The new functions help businesses strengthen their security posture for Web applications, F5 said.

All new products will be available in February.

view counter
Fahmida Y. Rashid is a Senior Contributing Writer for SecurityWeek. She has experience writing and reviewing security, core Internet infrastructure, open source, networking, and storage. Before setting out her journalism shingle, she spent nine years as a help-desk technician, software and Web application developer, network administrator, and technology consultant.