F5 as a Service – A Suit of Armor and an Immune System in One
Imagine if we could block exploits like Poodle, HeartBleed or ShellShock around the globe for anyone that wanted us to in a matter of hours. That would be a good thing(tm) right? Well that possibility just took a big step towards realization.
Hopefully many of the faithful readers of this blog (ok, both of you) have heard about the launch of the Silverline F5-as-a-service platform and in particular our DDoS Protection service which is the first of the f5 cloud powered services to come online. There are plenty of superficially similar services out there, all aiming to do a similar job, intercept the onslaught of traffic to your services, and slice out only the good traffic you want to get to your servers. So why is our service any different - other than the thought of all those red F5 balls glowing brighter as an attack ramps up (I so wish they did that)? I'm not going to go into the technical details of how the service works and why we believe we will produce less false positives, better screening and more intelligence than everyone else, I expect by now there are dozens of blogs, tweets and data sheets. What I find the most compelling is the hybrid on/off premises model and the fact that we will be able to use signaling and telemetry to create a powerful ecosystem of detection, mitigation and inoculation against a wide range of "low and slow" attacks that are sometimes best defended by an intelligent security device placed near the application.
So now not only will your DDoS mitigation solution protect you from the avalanche of a volumetric DDoS attack, it's going to give you a local immune system where the antibodies are constantly being updated not just by attacks your infrastructure sees, but from every other subscriber in the community too.
Note the careful use of tense here while the Silverline DDoS Protection is ready to go right now, the feedback and inoculation features are things we are still working on, but I'm watching with genuine excitement about what this could mean for the future of attack prevention.