Press Releases Archive   Search Press Releases
Press Release

F5 Networks' Security Appliances Certified at Highest Available ICSA Labs Levels

FirePass SSL VPN product receives new ICSA 2.0 certification and TrafficShield web application gateway awarded Premier Services Certification status for web application gateway

F5 Networks, Inc. (NASDAQ: FFIV), the global leader in Application Traffic Management, today announced that ICSA Labs, an independent division of Cybertrust, Inc., has certified F5's TrafficShield web application gateway and has also recertified F5's FirePass SSL VPN (Secure Sockets Layer Virtual Private Network) product. Certification of these F5 solutions means that the TrafficShield product meets all of ICSA Labs' stringent Premier Services criteria for a web application gateway and that the FirePass product meets all of the organization's new, stricter SSL VPN certification criteria, using version 2.0 of ICSA Labs' SSL VPN tests. ICSA Labs is the security industry's recognized certification authority, validating products in such areas as network firewalls, SSL-TLS (transport layer security), anti-virus protection, and cryptography.

F5 is one of only two vendors to have its web application gateway certified by ICSA Labs, one of only five vendors to have its SSL VPN product certified under the more stringent criteria of version 2.0, and the only vendor to receive ICSA Labs certification for both types of products.

"ICSA Labs certification is a major milestone for any product in the security industry," said Marty Jost, Director of Product Management and Marketing at F5 Networks. "To have two application-fluent security products certified concurrently by a trusted, independent organization validates the effectiveness of our web application security and SSL VPN products. Many vendors claim to offer application security products, but if their products can't pass ICSA Labs' rigorous certification process, they don't offer true end-to-end application security."

"These ICSA Labs certifications are evidence of F5's commitment to upholding stringent security standards," says George Japak, vice president of ICSA Labs. "F5 was one of several web application gateway vendors that actively worked with ICSA Labs to set up a Premier Services Certification program for web application gateways and was also a charter member of ICSA Labs' SSL-TLS Product Developers' Consortium. Achieving this certification for both its TrafficShield and FirePass products demonstrates to F5's customers an ongoing commitment to security."

TrafficShield Certified as Meeting All Web Application Gateway Criteria

TrafficShield is certified by ICSA Labs as fully meeting the functional security, platform security, logging, and documentation criteria in the organization's Premier Services certification program for web application gateway. This certification provides independent validation of TrafficShield's ability to protect customer websites from application-specific vulnerabilities, while also verifying that TrafficShield has implemented industry best practices for appliance hardening, event logging, documentation, and management usability.

ICSA Labs has created strict criteria for vendors who make application security claims; being certified under this program constitutes proof that the web application security solution is able to offer substantial protection for web-based applications. F5 will continue to work with ICSA Labs and the other vendors in the space to refine and promote these criteria, eliminating false claims in the industry and providing customers with objective validation of vendor capabilities.

FirePass Controller Certified as Meeting All SSL VPN 2.0 Criteria

F5's FirePass Controller has recently been certified under version 2.0 of ICSA Labs' SSL VPN certification program, making it one of the first SSL VPN products to achieve this new and more stringent level of certification. The FirePass product had been certified under the previous version of the program last year, when the certification process was first set up. Version 2.0 of the ICSA program raises the bar for certification, adding criteria such as:

  • End-point security validation to manage security risks due to problems such as worms and viruses
  • Stronger validation of key security functions and device security testing
  • Validation of interoperability with such key business applications as Outlook and Exchange Server, Outlook Web Access, and file services using the server message block (SMB) protocol

About F5 Networks

F5 enables organizations to successfully deliver business-critical applications and gives them the greatest level of agility to stay ahead of growing business demands. As the pioneer and global leader in Application Traffic Management, F5 continues to lead the industry by driving more intelligence into the network to deliver advanced application agility. F5 products ensure the secure and optimized delivery of applications to any user-anywhere. Through its flexible and cohesive architecture, F5 delivers unmatched value by dramatically improving the way organizations serve their employees, customers and constituents, while lowering operational costs. Over 9,000 organizations and service providers worldwide trust F5 to keep their businesses running. The company is headquartered in Seattle, Washington with offices worldwide. For more information go to

About ICSA Labs

ICSA Labs, an independent division of Cybertrust, Inc. offers vendor neutral testing and certification of security products for hundreds of the world's top security vendor products. The end-users of security technologies rely on ICSA Labs to authoritatively set and apply objective testing and certification criteria for measuring product compliance and reliability. The organization tests products in key technology categories such as anti-virus, firewall, IPsec VPN, cryptography, intrusion detection and prevention, PC firewall, content security, SSL-VPN and Wireless LAN. For more information about ICSA Labs, please visit:

# # #

This press release may contain forward looking statements relating to future events or future financial performance that involve risks and uncertainties. Such statements can be identified by terminology such as "may," "will," "should," "expects," "plans," "anticipates," "believes," "estimates," "predicts," "potential," or "continue," or the negative of such terms or comparable terms. These statements are only predictions and actual results could differ materially from those anticipated in these statements based upon a number of factors including those identified in the company's filings with the SEC.