F5 Silverline: DDoS Protection and Web Application Firewall as Managed Services
With the growth of cloud services and the software-defined data center, it’s tempting for organizations to embrace self-provisioning and begin to look at everything as a service (-aaS): SaaS, IaaS, PaaS, etc. These days, many companies providing networking solutions are often evaluated based on their ability to craft customized -aaS offerings.
There’s certainly much to be admired about the agility and scalability of these –aaS offerings, but they’re not right for every business in every situation. Take, for example, a SaaS offering where the organization purchases a Customer Relationship Management (CRM) software framework that they can then customize to their particular business practices. It’s clean and simple, but what the organization doesn’t get is education on how to configure the software they just purchased –aaS. And if they don’t configure it correctly, they don’t get the full value of the software.
F5® Silverline® cloud-based application services are not –aaS offerings, because when an enterprise purchases a subscription to use these services, they also receive support from the F5 experts who manage the services. This allows organizations to rapidly deploy enterprise-grade application services across hybrid environments, while receiving deployment and configuration support every step of the way—without a big upfront investment in IT infrastructure.
F5 Silverline DDoS Protection is a service delivered via the Silverline cloud-based platform. It offers multi-layered (L3–L7) protection with cloud-scrubbing technologies to detect, identify, and mitigate threats in real time, returning clean traffic back to the enterprise site. It can run continuously to monitor all traffic and stop attacks from ever reaching the network, or it can be initiated on demand when the site is under DDoS attack. In addition, F5 security experts are available 24/7 to keep business online during a DDoS attack.
F5 Silverline Web Application Firewall is a service built on BIG-IP® Application Security Manager® (ASM), which enables organizations to protect against OWASP top 10 threats, application vulnerabilities, and zero-day attacks. Leading Layer 7 DDoS defenses, detection and mitigation techniques, virtual patching, and granular attack visibility thwart even the most sophisticated threats before they reach network servers. BIG-IP ASM is also provided via F5’s Silverline cloud-based application services platform and wholly deployed, set up, and managed by the highly specialized experts in the F5 Security Operations Center (SOC).
The members of the F5 SOC team have an unrivalled breadth and depth of industry experience. They use industry-leading F5 products combined with state-of-the-art security tools to ensure the best protection possible for applications. Organizations get the benefit of highly specialized personnel to rapidly deploy application services, but are spared the time and expense of staffing their own specialized team.
“F5 Silverline effectively mitigated two recent DDoS attacks,” says a current Silverline customer. “It happened over a weekend and while the security team was notified, they were able to enjoy their weekend. … They [security team] enjoyed the customer experience overall with the Silverline SOC team as they are very responsive; a 5-minute response time.”
Silverline DDoS Protection and Silverline Web Application Firewall are not services organizations can find, purchase, configure, and deploy on their own. These services do not empower organizations to do their own DDoS mitigation or make policy changes in the underlying architecture of their web application firewall. That’s what –aaS offerings do: They give organizations the power to do something that they already know how to do.
Instead, these managed services leverage the expertise of the F5 SOC team to deliver services that allow organizations to do something they don’t know how to do (like effectively configuring and managing a web application firewall) or are otherwise incapable of doing (like absorb 100+ Gbps attacks). F5 controls the service, the delivery of the service, the features of the service, and the reporting on the service. Instead of granular control over their application services, organizations get the peace of mind that comes from knowing that their web application firewall and DDoS mitigation will work as promised, all the time.
“I wanted to be sure to circle back and thank the entire F5 team for your support in enabling our environment to remain processing during a period where the probability of an attack increases exponentially,” says a current Silverline customer. “There is now a greater level of confidence [from multiple teams] we can sustain our business and maintain our customer commitment.”
While many security offerings today seem like a self-service buffet, Silverline services more closely resemble a good, old-fashioned insurance policy. Every organization comes under fire at some point. And whether they’re facing a DDoS attack or an application attack, enterprises with Silverline DDoS Protection and Web Application Firewall services are protected anywhere, anytime—no IT security experience required.