“You can use Application Delivery Controllers as firewalls?”
When F5 sent out a global survey to 1000 large organisations worldwide, concentrating on complex attacks and how people defend against them, some of the questions related to what people use to protect their web-facing applications. In one section – prompted by what we had seen amongst our customer base, especially after the Wikileaks attacks – we asked if Application Delivery Controllers (ADCs) had a role to play.
In my less positive moments, the question I pose above was the response I was expecting. It turns out that’s not the case. Half said ADCs can replace many or most traditional safeguards and, depending on what’s being protected, up to 45% of UK respondents are already using ADCs for security (this figure relates to application security).
Why might that be?
The answer lies in part in another - fairly shocking – finding: 42% of companies have had firewalls melt against a DoS attack, but 79% still rely on them for protection. Having firewalls melt in the face of a DoS attack doesn’t mean all firewalls melted, so presumably there’s some level of protection still being offered, or this finding would speak to a degree of masochism within the survey respondent base
But what some very large F5 customers found during the relatively recent spate of massive DoS attacks was that all their firewalls did melt…and the thing that didn’t was the ADC that sat behind them. The thing that could handle massive numbers of connection requests. So they started to use that as their firewall for their web-facing applications. Food for thought.
The infographic below sums up survey responses from the UK. Please feel free to contact me if you’d like the associated report.