Technical Articles
F5 SMEs share good practice.
cancel
Showing results for 
Search instead for 
Did you mean: 
Matt_Dierick
F5 Employee
F5 Employee

The use case

In this use case, a modern application (or piece of the app) is running in a private/public (not exposed) cloud or on-premises location. In few words, the application or some pieces of the application are not exposed on Internet and NetOps + SecOps are looking for a simple solution to expose and protect this application.

With F5 Distributed Cloud Web App and API Protection (XC WAAP), we will protect with:

  • L3/L4 DDoS Protection, unlimited
  • WAF
  • Bot Protection (signature based)
  • API protection
  • Rate Limiting

 

The architecture

Matthieu_Dieric_0-1662625845566.png

The users will connect to F5 XC Global Network where the application is exposed (exposed on all F5 XC pops all over the world), and F5 XC multi-cloud networking solution will route the traffic to the application hosted in Azure in the example above (or in the Datacenter)

To do so, a F5 XC Mesh Node has been deployed automatically by the F5 XC console in Azure tenant and is directly connected (vnet subnet) with the application.

 

Solution overview and services offered

F5 XC WAAP offers by default

  • 1 anycast VIP
  • 1 Distributed LB
  • 2 Delegated DNS domain
  • Unlimited L3/L4 protection
  • WAAP protection
    • WAF Policy (based on BIG-IP and Nginx WAF engine)
    • Bot Signature protection
    • API Protection (Swagger enforcement)

But more advanced services are available

  • Advanced Bot Protection (Shape)
  • Advanced API Protection with API discovery
  • Malicious User Detection and Mitigation (AI/ML)

 

Use Case video

In this video, we explain in details this use case and the solution.

 

Version history
Last update:
‎23-Mar-2023 14:25
Updated by:
Contributors