Today, F5 is launching F5 Distributed Cloud WAAP, our new cloud-based security service for web applications and APIs that are deployed across multi-cloud, on-prem, and edge locations.  This provides a comprehensive solution for securing web applications and APIs with its WAAP service, which offers capabilities for web application firewall (WAF), distributed denial of service (DDoS), bot protection, and API protection based on machine learning security delivered as-a-service/SaaS on the F5 Distributed Cloud Platform.  Therefore, enabling customers to deploy, secure, and operate their applications in a cloud-native environment including public and private clouds and the edge using a single, unified console.  This platform presents a unique opportunity to allow customers to build an interconnected system that unifies multi-vendor solutions around their security needs.

F5 Distributed Cloud Services Ecosystem for our Partners

As customers utilize various services on the Distributed Cloud Platform, they will look for interoperability and integration with their current security environment.  The Distributed Cloud Platform interoperates with many of the leading providers in areas of reporting, identity, and securely sharing and storing encrypted data.  

• Visibility via SIEM integration

Using a SaaS portal, customers can provision services, obtain global observability, centralize logs and metrics, and create customized dashboards. F5 Distributed Cloud Console provides APIs that can be used for automation or integration with external services like Datadog, Splunk, etc.

              Option 1: API for Log Receiver

              Option 2: Log Streaming for Elastic Search and Splunk

Figure 1: SIEM integration with F5 Distributed Cloud Console.

• Single sign-on via OIDC-compliant Identity providers

Customers can leverage their existing OIDC-compliant Identity providers such as Google, Microsoft, Okta, Ping Identity, Github, etc. to configure F5 Distributed Cloud Console login.

Figure 2: Single sign-on to the console using Microsoft Azure

• API Gateway Authentication for human-backed clients

The F5 Distributed Cloud Platform supports authentication against public OIDC authentication services such as Azure-AD, Google, and Okta. Clients will be redirected to these public OIDC services to get authenticated before continuing.

Figure 3:  API Gateway Authentication

• End to End Encryption via F5 VoltShare

Seamless implementation of end-to-end encryption before sharing information using tools such as email, Slack, Dropbox, Microsoft Teams, SharePoint, etc.

Figure 4: F5 VoltShare

• Alert Monitoring integrated with Slack, OpsGenie, PagerDuty, and Servicenow

Figure 5:  Sample of alerts sent to PagerDuty

Further capabilities are in active development that will allow service insertion, address compliance requirements, and enhance continuous growth through internal and external product integration.  We are focused on partnering with the leading vendors in key adjacent markets to complement F5’s Distributed Cloud WAAP core functionality of web application firewall (WAF), distributed denial of service (DDoS), bot, and API protection.

 

Conclusion

It is impractical to think a customer will use one vendor to address all their security needs. Whether through APIs, connectors, plug-ins, or automation creating a flexible ecosystem brings together critical security functionality.  F5 Distributed Cloud WAAP secures legacy and modern applications across multiple clouds and edge environments with a unique, flexible deployment architecture.  The Distributed Cloud Platform will continue to expand as new services are deployed with existing and new F5 technology partners.

f5technologyallianceprogram@f5.com