F5 Firewall Like No Other– Application-Centric Logging

F5 has always been an engineering-driven company. Sometimes this frustrates new sales people as they have to learn new technologies and come around to looking at the F5 way of doing things.

So of course we made our firewall different, too. We built the Advanced Firewall Manager (AFM) module around the application. To F5, the application is King. The application is the business.

We thought about the application team and how it works together (not always gracefully) with the security teams. Sometimes the application team has the most at stake in diagnosing a traffic problem. Yet the application lacks the whole picture that network team has and also lacks the control that the security team has. With conventional firewalls, the process of diagnosing a problem would involve a back-and-forth email chain between the firewall admin and the app owner and this can take hours or days.

F5 makes it easier for both the firewall admin and the application team.

We built the logging facilities of AFM with the application team in mind – each logging profile can log the firewall data for itself to a specific logging server, for example, one owned by the application team.

When there’s a problem with access to the application, the firewall administrator can send the security logs directly to the application team. The app team can try and retry different client traffic to reproduce and isolate the problem and diagnose it in real-time.

It’s a simple idea, and different.

It’s another example of how F5 does it differently.

Connect with David: Connect with F5:

Related blogs & articles:
F5 Firewall Like No Other – Ruling the Application
Whitepaper: Replacing Abstract Zones with Real Application Security Policy 
Whitepaper: The New Data Center Firewall Paradigm 

Published Jul 18, 2013
Version 1.0

Was this article helpful?

No CommentsBe the first to comment