F5 is set to highlight a series of new solutions at GITEX Global 2023. Key developments in the spotlight include new multi-cloud networking (MCN) capabilities that extend application and security services across one or more public clouds, hybrid deployments, native Kubernetes environments, and edge sites.
The solutions represent the next evolutionary step for the F5 Distributed Cloud Services platform, which enables customers to easily integrate network operations, application performance optimization and troubleshooting, and visibility through a single management console.
The new offerings include Distributed Cloud App Connect, which provides an integrated stack approach through a single console to combine comprehensive app networking with full app security, faster provisioning, and ease of use. In addition, Distributed Cloud Network Connect makes it highly secure and simple to deploy connectivity across cloud locations and cloud providers.
The solutions come hot on the heels of F5’s 2023 State of Application Strategy (SOAS) report, which found that 85% of organizations operate distributed application deployments, spanning traditional and modern architectures and multiple hosting environments. “Distributed deployments add operational complexity and cost, obscure visibility, and increase the surface area for potential cyberattacks,” said Mohammed Abukhater, RVP for META at F5. “F5 can now deliver a platform-based approach that is cloud-agnostic and purpose-built to meet the needs of traditional and modern apps—all without increasing complexity or losing granular control and necessary visibility.”
F5 will also showcase its latest security capabilities, including new machine learning enhancements to provide F5’s cloud security portfolio with advanced API endpoint discovery, anomaly detection, telemetry, and behavioural analysis. “F5 customers can now strengthen their security posture with a continuously improving analysis engine and unified policy enforcement. These capabilities enable secure app-to-app communications through validated and monitored APIs, thereby reducing the time security teams spend correcting false positives and accelerating time-to-deployment for new services,” the company said.
- Enhanced API Security Provides Greater Protection for Modern Apps. F5 delivers API auto-discovery, policy enforcement, and anomaly detection as part of a unified WAAP service, simplifying operations and enforcement through a single console for both app and API protection. Since static signature-based controls are insufficient for protecting API endpoints due to their dynamic, evolving nature, F5 Distributed Cloud API Security utilizes optimized machine learning for automatic API discovery, threat detection, and schema enforcement.
- AI as an Essential Element of App Security. F5 has introduced AI-driven web application firewall (WAF) capabilities, including unique malicious user detection and mitigation capabilities that create a per-user threat score based on behavioural analysis that determines intent. This enables security operations to choose between alerting or automatic blocking to mitigate an attack that would otherwise go undetected by static signatures. All traffic is monitored and proactive defences are applied based on malicious user behaviour that can be correlated across Distributed Cloud WAAP deployments. The new functionality also provides false positive suppression, making it easier to block bad traffic without accidentally blocking legitimate users, and streamlines operations by reducing the time necessary to enable specific app protections.
F5 is expanding its managed service offerings via:
- Distributed Cloud WAAP Managed Services, enabling F5 customers to access the experience and expertise of the F5 SOC to manage WAF, bot defence, and DDoS protection. Through a shared console, customers have the ability to seamlessly move between a self-service or managed service model as the needs of their apps and approach to app security change.
- Distributed Cloud Managed Service Portal, enabling F5 service provider partners to build and tailor their own managed service offerings based on the leading security capabilities of F5 Distributed Cloud WAAP. This approach lets partners manage Distributed Cloud WAAP on behalf of their customers without sacrificing visibility, resulting in new revenue sources and value-added services while extending the overall reach of the solution.
“F5 is increasingly standing out for its ability to secure apps in a multi-cloud environment,” said Abukhater. “On the one hand, you have networking players that have multi-cloud capabilities, but they don’t have security. Then you have security players that have capabilities in SaaS and in the cloud, but they are not multi-cloud. To get their security capabilities, you have to put your apps in their walled garden, which is not sufficient either because apps are more and more distributed to ensure the best performance. Digital services that don’t meet the expectations of end-users cost companies millions of dollars in lost sales. F5 was built to solve this problem.”
In other news set to inform the GITEX agenda, F5 NGINX has announced a new subscription option that adds enterprise-level capabilities and support to the hugely popular NGINX Open Source web server, which currently powers over 400 million websites. The Open Source Subscription is a bundle that includes enterprise support to navigate regulatory requirements, enterprise features to address a wide range of traffic management and identity use cases, as well as fleet management for risk reduction via simplified NGINX administration.
“NGINX Open Source is known as the developer’s Swiss army knife,” added Abukhater. “Whether you need a web server, reverse proxy, API gateway, Ingress controller, or cache, NGINX has you covered. However, there was one thing NGINX Open Source users kept telling us was needed: enterprise support. This is why we expect our subscription option to have a big and immediate impact across the world.”