F5 integrates security for multi-cloud app protection.

F5 Networks has rolled out an integrated, cloud-based security platform and services aimed at protecting widely distributed enterprise applications.

The company used its Agility conference this week to introduce its overarching Distributed Cloud Services platform, which will bring together security technologies from recent acquisitions, including Threat Stack, Volterra, and Shape Security, plus its own web-application firewall and other components to offer an integrated, secure, distributed application-management platform for on-prem or cloud deployment.

“Modernizing apps includes transformational actions such as leveraging microservices, using multiple clouds and edge locations instead of a single cloud provider, and utilizing API-based communication to connect workloads and data,” wrote Haiyan Song, executive vice president and general manager of F5’s Security & Distributed Cloud Product Group in a blog about the new services.

“Resources are taxed—especially security teams, and modernization efforts are putting increasing pressure on most organizations’ security postures. Apps are evolving fast; security teams and technologies need to keep pace—this is easier said than done.” An overriding goal is to reduce the complexity of app deployments and facilitate network modernization, Song stated.

The first  Distributed Cloud Services service—F5 Distributed Cloud WAAP (Web application and API protection)—includes the vendor’s web application firewall, bot mitigation, and DDoS- and API-protection capabilities. It will provide a single  console for enabling enforcement of consistent security policies to applications wherever they need to be deployed.

Specifically, the service utilizes F5’s Distributed Cloud WAF that offers signature- and behavior-based protection for web applications. It inspects application requests and responses to block and mitigate a broad spectrum of risks culled from the Open Web Application Security Project (OWASP) Top 10 threats, including malicious users and more, according to Mark Weiner, vice of product marketing, security, and distributed cloud at F5.

It also features API security through F5’s Distributed Cloud API With automatic API discovery that can identify and map API endpoints to any app as well as provide support for a positive security model. With it, organizations can observe, refine, and enforce proper API behavior, Weiner stated.

F5 Distributed Cloud Bot Defense manages and deflects malicious automation to prevent sophisticated, human-emulating attacks. It brings together unified telemetry, network intelligence, and AI/ML with human analysis to identify and defend against automated threats such as credential stuffing and account takeover, Weiner stated 

Another component, F5 Distributed Cloud DDoS Mitigation, offers Layer 3-7 distributed denial-of-service (DDoS) protection to block spoofed and malformed traffic, request floods, and other forms of abuse that attempt to overload web properties and apps, Weiner stated.