Protect an application exposed on Internet with F5 XC WAAP

The use case

An application is up and running and exposed on Internet. This application, let's say https://www.mybank.com, is not protected today.

With F5 Distributed Cloud Web App and API Protection (XC WAAP), we will protect with:

  • L3/L4 DDoS Protection, unlimited
  • WAF
  • Bot Protection (signature based)
  • API protection
  • Rate Limiting

 

The architecture

 

The users connect to the F5 XC Global Network through Anycast IP address. The DNS can be managed by F5 XC or by the customer.

Then, the F5 XC Global Network connects to the Internet Application and protect it. 

Solution overview and services offered

F5 XC WAAP offers by default

  • 1 anycast VIP
  • 1 Distributed LB
  • 2 Delegated DNS domain
  • Unlimited L3/L4 protection
  • WAAP protection
    • WAF Policy (based on BIG-IP and Nginx WAF engine)
    • Bot Signature protection
    • API Protection (Swagger enforcement)

But more advanced services are available

  • Advanced Bot Protection (Shape)
  • Advanced API Protection with API discovery
  • Malicious User Detection and Mitigation (AI/ML)

 

Use Case video

In this video, we explain in details this use case and the solution.

 

Published Sep 15, 2022
Version 1.0
  • Thanks,  Matthieu! Your video provides a very clear explanation about the Distributed Cloud services.