We’re excited to announce the support of F5’s web application firewall (WAF) solution for Microsoft Azure Security Center, now available to customers in a limited public preview capacity. The new F5 WAF service helps enable compliance and better protect your assets against application vulnerabilities and the latest L7 threats and DDoS attacks, while helping deliver the highest application performance.

F5 leverages industry-proven and ICSA-certified BIG-IP Application Security Manager (ASM) and BIG-IP Local Traffic Manager (LTM) technologies as a pre-configured virtual service within the Azure Security Center. By activating this solution within the Azure Security Center, organizations gain the same level of control and customization typically afforded to apps in the data center, while ensuring rapid response to threats targeting applications in the Azure environment. The solution provides comprehensive layer 7 protection and is easily activated using 3 protection levels pre-defined by F5 security experts.

BIG-IP ASM helps organizations effectively protect against existing and emerging Layer 7 application attacks, prevent costly data breaches, and maintain compliance with PCI-DSS requirements. BIG-IP ASM delivers the most comprehensive set of capabilities that guard against threats including OWASP Top 10, Layer 7 DDoS attacks, site scraping, web injections, and common app vulnerabilities with unsurpassed protection coverage. Built on F5's leading ADC technology, it stands out with scalability, programmability, and adaptability, giving organizations the best price/performance when compared to leading competitive solutions.

Within Azure Security Center, the F5 web application firewall solution enables organizations to identify and stop sophisticated, complex threats with a higher level of security effectiveness. It provides unique, proactive bot defense and more accuracy than other solutions in detecting and mitigating brute force, CSRF, XML, and zero-day attacks. It can dynamically impose needed protections to prevent attacks from ever reaching the servers.

Simple setup

The F5 web application firewall solution in Azure is pre-configured, making it fast and easy to set up your WAF. Admins can simply select the F5 solution, determine the appropriate protection level, and within minutes start defending their app against threats. The F5 solution is perfect for cloud-born apps in Azure, which may not be supported with dedicated security staff, to ensure protection from threats or for developers who want to deploy instant protection without the trial and error sometimes required of setting up a fully customized WAF solution.

Depending on availability of staff resources, admins may choose the ‘one-click’ WAF solution pre-configured by F5 experts or if you want to configure and deploy ASM and LTM to meet your specific needs.

Customizable

F5 offers you the flexibility to activate the F5 WAF solution as-is or by running BIG-IP ASM and LTM as Azure VMs to meet your needs. While we recommend initially selecting one of the pre-configured protection levels to immediately help meet organization or industry compliance policies, you don’t need to stop there. Once you activate the F5 WAF solution, you will also have access to the breadth of advanced ASM features, which allows you to further configure the WAF solution to best meet your unique application or organizational needs or policies.

Deploying Application Security Manager and Local Traffic Manager as VMs in Azure also lets you extend existing security policies, use existing iApps templates and iRules, and leverage existing F5 licenses via the Bring Your Own License (BYOL) option.

Trusted

F5 is the market leader in ADC technology and the industry’s most trusted name in web application firewall protection--deployed in more enterprise data centers than any other WAF solution.1 Organizations rely on ASM to protect the world’s most visited web applications wherever they reside, with the highest level of security effectiveness and without compromising performance.

Customers can now expect the same comprehensive feature set, enterprise-grade security and traffic management capabilities highly integrated in the Azure environment.

Here are links to related resources:


[1] https://informationsecurity.451research.com/?p=5684