App deployments nowadays tend to target API-driven distributed services and microservices-based topologies. How do you move fast when it comes to “securing an app”, when you have so many things to worry about: what services are part of the overall topology, where and how these services are deployed (VMs, containers, PaaS), and what technologies stacks and frameworks these services are built on?
Secure Your Apps at “Ludicrous Speed”
With that in mind our team built F5 Essential App Protect, to enable “LUDICROUS SPEED” for securing your web apps. We architected it to deliver Web Application Firewall functionality with more capabilities, delivered as-a-Service with F5 Cloud Services. Sparing you what may sound like an obvious marketing spiel like the simplicity of the UI, applying F5’s 20+ years of security expertise, or the speed of deployment and integration (it’s a SaaS, duh)...let me focus on a few reasons why I’m personally excited about our implementation of this solution:
Built for global app architectures
It’s deployed on a global data plane, which means you can co-locate your service close to the application or service endpoint that’s being protected. For example, an HTTP request that would typically be routed to a US-EAST based app doesn’t need to “bounce” around the world to get processed; Essential App Protect automatically detects and recommends US-EAST as a region and deploys protection instance in the region closest to your web service, resulting in minimal latency. This supports the “any app on any cloud” mantra, without sacrificing performance.
Besides using over 5,000+ signatures right out of the gate to check for malicious traffic, Essential App Protect continuously ingests new signatures from the F5 Threat Labs and stays current to ensure that we help defend against developing threats. On top of that, it also uses an advanced probability-based rating system that anticipates malicious requests and improves as the platform evolves. Simply put, we stay on top of the rapidly evolving threat landscape, so that you don’t have to!
Simple on-ramp, easy APIs
The north star of Essential App Protect is to make app security simple yet flexible not only from the UI, but to target DevOps scenarios with an API-first approach. This means you can onramp protection for your app with a couple of declarative API calls, from zero to ready in just a minute. Everything is defined through one simple JSON template, which makes it very easy to integrate into your CI/CD pipeline. All of the config, from tuning of protection option to accessing security event logs, are done through APIs. This makes automation a no-brainer, be it the initial deployment, or managing a consistent security policy across your dev/test/prod environments for all of your app deployments.
“Go ahead, take it for a spin!”
F5 Essential App Protect provides the enterprise-grade security you need to keep your web-facing apps safe. It is delivered as-a-Service with no hardware to manage or software to download. And you don’t need to be a security expert, because the service is pre-configured using the best practices we’ve compiled while working with top enterprises for the last 20 years. We architected it for the cloud and global delivery, while focused on future-proofing your app protection, and making it DevOps ready out of the gate.