Welcome!

News Feed Item

F5 Expands Synthesis Architecture with Advanced Web and Fraud Protection Services for Worry-Free Application and Internet Access

As part of its vision to provide a comprehensive portfolio of security solutions and services, F5 Networks (NASDAQ: FFIV) announced today two new offerings. F5® Secure Web Gateway Services enables enterprises to defend against potential malware threats encountered by employees who regularly access web pages and use web-based applications, Software as a Service (SaaS) applications, and social media sites. With this solution, enterprises can consolidate their security infrastructures and better enforce policy and regulatory requirements. Complementing this solution is F5’s Web Fraud Protection reference architecture, which helps enterprises protect their users and customers from web-based and mobile threats, regardless of the type of device or browser they use or the location from which they access the Internet and web-based applications. Together, these solutions help enterprises protect against advanced persistent web threats, ensure policy compliance, and improve employee productivity.

These latest security-focused offerings add to F5’s growing repertoire of Software Defined Application Services (SDAS), designed to help customers deploy applications safely and reliably in any IT environment. In November 2013, as part of its F5 Synthesis vision, F5 announced the DDoS Protection reference architecture to help enterprises ensure network and application availability, and the Cloud Federation reference architecture to enable enterprises to safely use SaaS applications.

“F5 is helping enterprises tackle a broad spectrum of security challenges head on by continuing to expand our security offerings,” said Mark Vondemkamp, VP of Security Product Management and Marketing at F5. “Our focus remains on safely connecting users, whatever type of device they’re using, with applications, wherever they may reside—and giving enterprises complete control over the policies that govern those connections. Whether you’re talking about inbound or outbound protection, we believe it should all be part of one comprehensive application security strategy.”

SECURE WEB GATEWAY SERVICES HIGHLIGHTS

Enterprises are more vulnerable to web-based malware as employees increasingly use the corporate network to access web- and cloud-based tools, SaaS applications, and social media sites. Those that grant employees unrestricted Internet access face potential challenges of declining productivity, Internet abuse, and bandwidth saturation due to unnecessary use of network resources (such as for video streaming).

F5’s Secure Web Gateway Services solves these challenges by ensuring that employees are accessing the Internet in ways that enhance their productivity and, at the same time, protect the enterprise from potential liability and web-based threats. The solution is unique in that it integrates secure web gateway capabilities with other access services such as SSL VPN, identity federation, VDI access proxies, and web access management. As a result, F5 customers can configure and enforce context- and content-aware application access policies for inbound and outbound traffic on a single platform, reducing the number of appliances in the network. While other vendors’ solutions often require customers to deploy multiple appliances that provide only a fraction of the desired performance, F5’s Secure Web Gateway Services delivers superior price/performance and can reduce a customer’s total cost of ownership by as much as 67 percent over competitive offerings.

Additional differentiators of F5 Secure Web Gateway Services:

  • Combines the most scalable access gateway with the most effective real-time web threat intelligence
  • Identifies and authenticates users and assesses risk based on full user-application context (not simply user identity or website reputations independently)
  • Inspects endpoints before allowing users to connect to the Internet and after users have connected
  • Enables configuration of both inbound and outbound user access policies and extends visibility and control, even when users access SaaS applications through SAML assertions
  • Supports single sign-on (SSO), enabling authenticated users to connect to other authorized web and SaaS applications

WEB FRAUD PROTECTION SOLUTION HIGHLIGHTS

Enterprises must not only protect their networks, applications, and data, they must protect their customers, too. Customers of companies with public-facing web properties and services—particularly banks and financial institutions, e-commerce companies, and social media sites—are increasingly vulnerable to malware and phishing attacks designed to steal identity, data, and money. Estimates indicate that 37.3 million Internet users worldwide experienced phishing attacks from May 1, 2012 to April 30, 2013i and that 1 million U.S. computers were infected with banking malware in 2013.ii

F5’s Web Fraud Protection reference architecture comprises F5 MobileSafe and F5 WebSafe. While MobileSafe provides fraud protection for mobile devices and applications, WebSafe enables enterprises to protect their customers from online-based threats such as credentials theft, automated fraudulent transactions, and phishing attacks.

WebSafe is distinct from competitors’ offerings because it is the only clientless solution that can transparently inspect the endpoint, detect malware activity, and provide protection from it. A subscription-based solution, WebSafe also features 24x7x365 support provided by F5’s Security Operations Center (SOC), acquired as part of F5’s purchase of Versafe in September 2013. Since then, the SOC, which conducts advanced security research, has released key threat intelligence data regarding zero-day vulnerabilities and the latest fraud, phishing, and malware attacks. As part of the WebSafe offering, the SOC monitors attacks in real time, notifies customers of threats, and if necessary, can shut down phishing sites.

At a glance, F5’s Web Fraud Protection solution:

  • Provides an on-premises and cloud alert system
  • Transparently protects users on any device, any browser
  • Detects and can shut down phishing sites
  • Encrypts logins and web transactions in real time
  • Distinguishes between human-generated and automated (fraudulent) transactions

SUPPORTING QUOTES

“With F5 Secure Web Gateway Services, we can utilize our existing F5 infrastructure and knowledgeable resources within our firm to streamline our web security platform. Combining explicit proxy, URL filtering, and application delivery functions into one platform will benefit us to cut costs, simplify our network, and introduce automation possibilities.”
Dave Eardley, Infrastructure Network Architect, Bank of New York Mellon

“While our employees need to use the Internet to do their jobs, granting them unfettered access opens us up to web-based threats and malware, misuse and productivity drain, and regulatory compliance issues. F5 Secure Web Gateway Services can alleviate these problems for us by helping us ensure employees have access only to authorized websites and enabling us to adhere to compliance regulations.”
Farid Mohd Thani, Enterprise Network Architect, Celcom Axiata Berhad

“Today, IT must balance the challenge of ever-changing web threats that can’t be detected fast enough with the need for employees to have legitimate use of the Internet and web applications. As a result, organizations are actively seeking out ways to step up protection for users and applications while also consolidating their security infrastructures. F5 Secure Web Gateway Services, as evidenced by our in-house testing, achieves exactly that.”
Nick Garlick, Managing Director, Nebulas

“Malware and phishing remain my two concerns. F5 WebSafe was easy to deploy without any impact to our customers and has been very effective in helping us detect and respond more effectively to these attacks.”
Eli Irim, Manager of Investigations and Control, Bank Leumi

“The challenge of defending against web fraud is complicated by customer indifference to—or suspicion of—requests made by banks to download and install anti-malware. Solutions that can invisibly ensure the integrity of customer data being exchanged with any device will help reduce fraud loss, as more customers will be protected.”
Julie Conroy, Research Director for Retail Banking, Aite Group

“Buyers are looking to consolidate security platforms wherever they can, as long as the necessary performance and protection is delivered. Integrating capabilities on a single platform is attractive because security policies and practices can be better tuned to specific user and business needs, and many buyers want fewer vendors to manage.”
Jeff Wilson, Principal Analyst for Security, Infonetics Research

LEARN MORE

To see live demonstrations of F5’s Secure Web Gateway Services as well as F5’s Web Fraud Protection and DDoS Protection reference architectures, visit us in booth #1801 at RSA Conference USA 2014 in San Francisco, Tuesday, Feb. 25 – Thursday, Feb. 27.

AVAILABILITY

F5 Secure Web Gateway Services and the F5 Web Fraud Protection reference architecture are both available today. Contact your local F5 sales office for availability in specific countries.

ADDITIONAL RESOURCES

ABOUT F5

F5 (NASDAQ: FFIV) provides solutions for an application world. F5 helps organizations seamlessly scale cloud, data center, and software defined networking (SDN) deployments to successfully deliver applications to anyone, anywhere, at any time. F5 solutions broaden the reach of IT through an open, extensible framework and a rich partner ecosystem of leading technology and data center orchestration vendors. This approach lets customers pursue the infrastructure model that best fits their needs over time. The world’s largest businesses, service providers, government entities, and consumer brands rely on F5 to stay ahead of cloud, security, and mobility trends. For more information, go to f5.com.

You can also follow @f5networks on Twitter or visit us on Facebook for more information about F5, its partners, and technology.

F5, Access Policy Manager, BIG-IP, F5 Synthesis, MobileSafe, SDAS, Software Defined Application Services, WebSafe, and DevCentral are trademarks or service marks of F5 Networks, Inc., in the U.S. and other countries. All other product and company names herein may be trademarks of their respective owners.

This press release may contain forward looking statements relating to future events or future financial performance that involve risks and uncertainties. Such statements can be identified by terminology such as "may," "will," "should," "expects," "plans," "anticipates," "believes," "estimates," "predicts," "potential," or "continue," or the negative of such terms or comparable terms. These statements are only predictions and actual results could differ materially from those anticipated in these statements based upon a number of factors including those identified in the company's filings with the SEC.

i Kaspersky Lab Report: 20 June 2013

ii The State of Financial Trojans in 2013; Symantec

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
The goal of Continuous Testing is to shift testing left to find defects earlier and release software faster. This can be achieved by integrating a set of open source functional and performance testing tools in the early stages of your software delivery lifecycle. There is one process that binds all application delivery stages together into one well-orchestrated machine: Continuous Testing. Continuous Testing is the conveyer belt between the Software Factory and production stages. Artifacts are m...
When shopping for a new data processing platform for IoT solutions, many development teams want to be able to test-drive options before making a choice. Yet when evaluating an IoT solution, it’s simply not feasible to do so at scale with physical devices. Building a sensor simulator is the next best choice; however, generating a realistic simulation at very high TPS with ease of configurability is a formidable challenge. When dealing with multiple application or transport protocols, you would be...
Cloud resources, although available in abundance, are inherently volatile. For transactional computing, like ERP and most enterprise software, this is a challenge as transactional integrity and data fidelity is paramount – making it a challenge to create cloud native applications while relying on RDBMS. In his session at 21st Cloud Expo, Claus Jepsen, Chief Architect and Head of Innovation Labs at Unit4, will explore that in order to create distributed and scalable solutions ensuring high availa...
An increasing number of companies are creating products that combine data with analytical capabilities. Running interactive queries on Big Data requires complex architectures to store and query data effectively, typically involving data streams, an choosing efficient file format/database and multiple independent systems that are tied together through custom-engineered pipelines. In his session at @BigDataExpo at @ThingsExpo, Tomer Levi, a senior software engineer at Intel’s Advanced Analytics ...
Internet-of-Things discussions can end up either going down the consumer gadget rabbit hole or focused on the sort of data logging that industrial manufacturers have been doing forever. However, in fact, companies today are already using IoT data both to optimize their operational technology and to improve the experience of customer interactions in novel ways. In his session at @ThingsExpo, Gordon Haff, Red Hat Technology Evangelist, shared examples from a wide range of industries – including en...
In IT, we sometimes coin terms for things before we know exactly what they are and how they’ll be used. The resulting terms may capture a common set of aspirations and goals – as “cloud” did broadly for on-demand, self-service, and flexible computing. But such a term can also lump together diverse and even competing practices, technologies, and priorities to the point where important distinctions are glossed over and lost.
Detecting internal user threats in the Big Data eco-system is challenging and cumbersome. Many organizations monitor internal usage of the Big Data eco-system using a set of alerts. This is not a scalable process given the increase in the number of alerts with the accelerating growth in data volume and user base. Organizations are increasingly leveraging machine learning to monitor only those data elements that are sensitive and critical, autonomously establish monitoring policies, and to detect...
"We're a cybersecurity firm that specializes in engineering security solutions both at the software and hardware level. Security cannot be an after-the-fact afterthought, which is what it's become," stated Richard Blech, Chief Executive Officer at Secure Channels, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Most companies are adopting or evaluating container technology - Docker in particular - to speed up application deployment, drive down cost, ease management and make application delivery more flexible overall. As with most new architectures, this dream takes a lot of work to become a reality. Even when you do get your application componentized enough and packaged properly, there are still challenges for DevOps teams to making the shift to continuous delivery and achieving that reduction in cost ...
Enterprise architects are increasingly adopting multi-cloud strategies as they seek to utilize existing data center assets, leverage the advantages of cloud computing and avoid cloud vendor lock-in. This requires a globally aware traffic management strategy that can monitor infrastructure health across data centers and end-user experience globally, while responding to control changes and system specification at the speed of today’s DevOps teams. In his session at 20th Cloud Expo, Josh Gray, Chie...
To get the most out of their data, successful companies are not focusing on queries and data lakes, they are actively integrating analytics into their operations with a data-first application development approach. Real-time adjustments to improve revenues, reduce costs, or mitigate risk rely on applications that minimize latency on a variety of data sources. Jack Norris reviews best practices to show how companies develop, deploy, and dynamically update these applications and how this data-first...
Intelligent Automation is now one of the key business imperatives for CIOs and CISOs impacting all areas of business today. In his session at 21st Cloud Expo, Brian Boeggeman, VP Alliances & Partnerships at Ayehu, will talk about how business value is created and delivered through intelligent automation to today’s enterprises. The open ecosystem platform approach toward Intelligent Automation that Ayehu delivers to the market is core to enabling the creation of the self-driving enterprise.
"At the keynote this morning we spoke about the value proposition of Nutanix, of having a DevOps culture and a mindset, and the business outcomes of achieving agility and scale, which everybody here is trying to accomplish," noted Mark Lavi, DevOps Solution Architect at Nutanix, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"We're here to tell the world about our cloud-scale infrastructure that we have at Juniper combined with the world-class security that we put into the cloud," explained Lisa Guess, VP of Systems Engineering at Juniper Networks, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Historically, some banking activities such as trading have been relying heavily on analytics and cutting edge algorithmic tools. The coming of age of powerful data analytics solutions combined with the development of intelligent algorithms have created new opportunities for financial institutions. In his session at 20th Cloud Expo, Sebastien Meunier, Head of Digital for North America at Chappuis Halder & Co., discussed how these tools can be leveraged to develop a lasting competitive advantage ...