Press Releases Archive   Search Press Releases
Press Release

F5 Networks Delivers Industry Leading Application Firewall Ensuring Ultimate Protection for Enterprise Applications

F5's TrafficShield is a new class of security device that protects applications and data from hackers and other malicious attacks - including zero day attacks

F5 Networks, Inc. (NASDAQ: FFIV), the global leader of Application Traffic Management products, today announced that its TrafficShield™ Application Firewall is available on F5's new 4100 security platform. As a dedicated, application-level security device, the TrafficShield product offers enterprise organizations a superior way to protect their applications and data from hackers and other malicious attacks, including zero day attacks. It offers comprehensive protection from attackers who can bypass traditional perimeter security measures and target web applications to gain access to the corporate network.

F5's TrafficShield solution employs a positive security model, as opposed to other network security devices like network firewalls, Intrusion Detection Systems (IDS), and other point security devices, that use negative security logic and can only protect against known security threats. The TrafficShield product ensures that users have unrestricted, secure access to the information they need, while preventing anyone from tampering with the applications themselves. The TrafficShield software and 4100 hardware platform fulfill a critical component of F5's security product roadmap, which is designed to help enterprise organizations achieve end-to-end application level security.

"Positive security delivers a tailored view of Web application vulnerabilities through which preventive actions can be taken to ensure critical Web applications are continuously protected. General approaches that rely on signatures cannot deliver this same level of protection," according to Michael Suby, Senior Research Analyst and Program Manager at Stratecast Partners (a Division of Frost & Sullivan). "For many enterprises, expanding their Web presence is a strategic imperative, but developing vulnerability-free application code is not a core competency and is expensive and time consuming. Products like TrafficShield deliver the protective layer enterprises need to expand their web presence confidently, quickly, and with a lower cost overhead."

The TrafficShield Application Firewall delivers the industry's most comprehensive, proactive protection against generalized and targeted attacks, providing superior protection for web applications and their supporting infrastructure. To defend against targeted attacks, the product's Application Flow Model (AFM) uses positive security logic to validate each transaction based on user session context, user input and application response content. With this high security mode, only application transactions known to be valid are allowed; all the rest are blocked. In addition, TrafficShield provides a simple, role-based administration portal for network and application administration, featuring remote device configuration, visual application security policy management, full logging, auditing and reporting.

"Because of our extensive experience in SSL, Layer 7, and secure remote access, enterprises worldwide have been asking F5 to apply our knowledge toward application security and to create a best-of-breed solution to address their escalating application security requirements," said Jeff Pancottine, SVP and General Manager, Security Business Unit, F5 Networks. "With TrafficShield now part of F5's product offerings, no other vendor can match our comprehensive level of application-layer protection. TrafficShield, coupled with F5's FirePass SSL VPN product, helps ensure end-to-end application level security, from the client all the way to the application and back again."

TrafficShield Application Firewall Benefits

Transaction security and identity theft protection. TrafficShield's granular Application Flow Model ensures confidentiality and integrity of identity information by using a positive security model to control access as well as updates to identity information as a part of every HTTP request/response. The TrafficShield's Content Scrubber module scrubs identity information and prevents confidential information from being sent in a web application response.

Risk mitigation using proactive and comprehensive web application security. TrafficShield's Application Flow Model (AFM) provides granular and comprehensive web application protection from both generalized and targeted web application attacks including buffer overflows, SQL injection, cross-site scripting, parameter tampering, and zero day attacks - even for today's dynamic applications.

Regulatory compliance. TrafficShield offers comprehensive protection for web applications, protecting confidential information such as customer names, social security numbers (SSNs), and patient health records to ensure compliance with emerging industry and government regulations such as HIPAA, GLBA and SB 1386.

Lower Total Cost of Ownership (TCO). TrafficShield allows enterprises to reduce the cost of doing business while increasing their application and network security. It offers comprehensive Network Security Services, including a secure reverse proxy, SSL acceleration (termination and re-encryption to web servers), key management and failover handling, and basic network fire-walling capabilities.

Flexible deployment options. TrafficShield can be deployed in a variety of security postures depending on customer needs. A standard implementation can take less than a day and provides protection against the most common application attacks. TrafficShield's 'Advanced Policy Customization' module allows customers to fully tailor their policy as required, providing the most granular protection in the industry.

New 4100 Series Platform

A key component of the TrafficShield Application Firewall is F5's new 4100 Series hardware platform, which provides enterprise-class performance in a highly reliable, field serviceable form factor. The 4100 platform is the first device on the market that can perform bulk encryption/decryption (3DES/AES bulk crypto) via a built-in SSL acceleration card. F5's security hardware platform features a ground breaking, next generation processing platform that combines unmatched power with hassle-free maintenance that provides secure, reliable access to today's business-critical applications.

Pricing and Availability

The TrafficShield Application Firewall version 3.0 will be available in October with base pricing starting at US$39,990 (list) on the 4100 hardware platform. Customers may contact their F5 sales representative or reseller for additional product and pricing information. For more information on TrafficShield, visit

About F5 Networks

F5 enables organizations to successfully deliver business-critical applications and gives them the greatest level of agility to stay ahead of growing business demands. As the pioneer and global leader in Application Traffic Management, F5 continues to lead the industry by driving more intelligence into the network to deliver advanced application agility. F5 products ensure the secure and optimized delivery of applications to any user - anywhere. Through its flexible and cohesive architecture, F5 delivers unmatched value by dramatically improving the way organizations serve their employees, customers and constituents, while lowering operational costs. Over 6,000 organizations and service providers worldwide trust F5 to keep their businesses running. The company is headquartered in Seattle, Washington with offices worldwide. For more information go to

# # #

This press release may contain forward looking statements relating to future events or future financial performance that involve risks and uncertainties. Such statements can be identified by terminology such as "may," "will," "should," "expects," "plans," "anticipates," "believes," "estimates," "predicts," "potential," or "continue," or the negative of such terms or comparable terms. These statements are only predictions and actual results could differ materially from those anticipated in these statements based upon a number of factors including those identified in the company's filings with the SEC.