Securing MCP Servers with F5 Distributed Cloud WAF
Introduction
As adoption of agentic AI increases, remote MCP (Model Context Protocol) servers are becoming more prevalent. MCP allows AI agents to reach many more tools than was possible under the previous model of tight, local integration between the client and the MCP server.
The new APIs
MCP tools are now the new APIs, and more and more organizations are exposing their resources through MCP servers, allowing them to be consumed by MCP clients.
But just as at the beginning of the API explosion, the first push to expand MCP tools has focused mostly on speed, not security.
If the analogy with API development holds true, we will see a major increase in the attack surface and vulnerability of organizations that choose to overlook the security aspects of MCP implementations.
Indeed, multiple critical vulnerabilities affecting MCP implementations have already been exposed, and the trend is likely to continue.
Closing security gaps
Just as was the case with APIs, the security aspects of MCP will likely catch up, but anything that closes the security gap faster will not only improve security posture but will likely drive adoption.
F5 Distributed Cloud (XC) WAF is the leading platform for Web App and API security. It already offers baked-in protection against most of the vulnerabilities likely to be exposed by MCP servers. F5 XC WAF is a drop-in solution for MCP server protection, with minimal configuration.
Demo
Let's see a quick demo of how F5 XC WAF can be easily configured to protect an MCP server while seamlessly integrating with MCP clients, in this case Anthropic’s Claude.
Additional Information
You can find more information about the WAF MCP Remote proxy library, used in this demo to integrate F5 XC WAF with Claude (other MCP clients are also supported), on the project's GitHub page or on the package page under the @f5devcentral NPM organization.
As MCP becomes the de facto standard protocol for communication between AI agents and their tools, MCP implementations require the same level of protection afforded to APIs.
F5 is one of the first to offer comprehensive protection for MCP servers. Distributed Cloud WAF is a proven, high-efficiency, easy-to-configure solution for securing Web Apps and APIs, already incorporating protections for the vulnerabilities likely to be encountered in MCP implementations.