Press Releases Archive   Search Press Releases
Press Release

Study Finds Traditional Security Safeguards Failing, Application Delivery Controllers Viewed as an Effective Alternative

100% of enterprises reported cyber attacks, with individual losses averaging over half a million dollars

SEATTLE – F5 Networks, Inc. (NASDAQ: FFIV), the global leader in Application Delivery Networking, today announced the results of an F5 Networks 2011 ADC Security Study that measures the effects of increasingly complex network and application attacks on enterprise organizations, and details the security practices that enterprises are adopting to guard against these threats.

The worldwide survey, conducted by independent market research firm Applied Research, found that attacks are becoming more difficult to defend against and are expensive to mitigate, with traditional safeguards falling short. Ninety-two percent of those surveyed view Application Delivery Controllers (ADCs) as an appropriate alternative to traditional security solutions, finding that the utilization of ADCs for security purposes continues to gain traction.

View an infographic of the results.

“Traditional security technologies are struggling to keep pace with the expanding threat landscape; as cyber attacks become more malicious, employees are also becoming more distributed and infrastructures are growing in complexity,” said Karl Triebes, CTO and SVP of Product Development at F5. “As such, many enterprises are turning to ADCs to address critical security concerns that traditional safeguards cannot reach.”

Threats Now More Difficult to Defend

With both infrastructure systems and cyber attacks growing in complexity, the study revealed that enterprises find it challenging to defend their networks and applications. The survey found that DNS attacks are the most frequent and difficult to defend against, and have the highest impact on enterprises.

“We’ve had some notable public attacks, both DDoS and scripting issues,” said a director of technology in a recent focus group, referring to the increasing difficulty in defending against attacks. “We’ve changed our entire policy and our infrastructure in the past year because of these things.”

High Costs from Complex Threats

The effects of DNS and encrypted data attacks are wide-sweeping across industries, with the typical cost per organization for a 12-month period being $682,000, according to the survey. More than 50 percent of enterprises claimed loss of productivity, 43 percent of respondents reported loss of data, and 31 percent reported loss of revenue. Other costs that enterprises incur from attacks include loss of customer trust, regulatory fines, and theft of money or goods.

“We’re looking at the loss of time, productivity, and data…maybe $100,000 a month,” said a project manager participating in the focus group.

Current Solutions Falling Short

According to the survey, traditional safeguards fall short in the face of constantly evolving threats. Of those surveyed, 42 percent had a firewall fail due to network-layer Denial of Service (DoS) traffic load in the past 12 months, with 36 percent failing during an application-level DoS attack. Thirty-eight percent of respondents reported that traditional safeguards perform less than “somewhat well” in understanding traffic context and protecting against complex, blended threats.

“Traditional safeguards are no longer effective,” said a director of technology during the focus group. “For data loss, where we have a more experienced enemy, we’re seeing that we need to be far more advanced.”

Application Delivery Controllers Providing Security

“In the past three or four years, we’ve expanded the use of our ADCs,” said a director of technology during the focus group. “We had two things that were driving it: security concerns and our ability to implement more Web 2.0 applications.”

IT is considering ADCs for security use, with one-third of respondents already using ADCs for security, and virtually all of them discussing it. According to the survey, only 8 percent believe their traditional safeguards are sufficient and there is no need to consider ADCs. In contrast, 92 percent see specific security roles for ADCs, and half of respondents believe that ADCs can replace many or most traditional safeguards.

“With an ADC, at least if you do have an attack on it, you have the flexibility to adapt and shut down that attack vector, and your entire network or application is not compromised,” said a senior systems analyst participating in the focus group. “You can isolate the threat from the rest of the system.”

Recommendations

  • Unify the security framework – Organizations should increase communication between security silos to get a full network security profile. Traditional security technologies focus only on a narrow slice of potential attack vectors. When an organization deploys security in silos—perimeter protection, application layer protection, data protection, etc.—they lose sight of the context of what is occurring within each silo, and how that might affect the others.
     
  • Understand attack context – Many attacks are blended across network, protocol, user, and application. Unifying security across layers L3–L7 in the network stack gives an organization the ability to better identify, defend, and adapt to these blended threats. It gives organizations an edge over attackers by making it more difficult to exploit a particular vulnerability across many vectors.
     
  • Respond and adapt – Because new exploits and vulnerabilities are introduced constantly, an organization’s security framework must respond quickly to evolving threats. Companies should seek solutions that can rapidly adapt and even help anticipate potential vulnerabilities.
     
  • Scale to combat attacks – As evidenced by the recent Anonymous and LulzSec attacks, hackers can utilize massive, global, and random attack patterns. Any approach must be able to withstand the sheer size and scope of today’s attacks, and do so cost effectively.
     
  • Build a robust community – Organizations can benefit by leveraging the combined power of a user community to mitigate the growing and changing landscape. A strong community of like-minded individuals can provide shared wisdom and insight, resulting in enhanced visibility, command, and control. With active contributions from a focused community, dynamic threat response and adaptability can be improved for all.


About the Survey

The F5 Networks 2011 ADC Security Study was commissioned by F5 to gauge the current security threat landscape and its effect on enterprise security management. Conducted by Applied Research in September 2011 through phone interviews and focus groups, the survey included responses from 1,000 large organizations in 10 countries around the world. Applied Research spoke with senior IT management in a variety of roles. The report is available online at http://www.f5.com/pdf/reports/f5-adc-survey-report.pdf.

About F5

F5 Networks, Inc., the global leader in Application Delivery Networking (ADN), helps the world’s largest enterprises and service providers realize the full value of virtualization, cloud computing, and on-demand IT. F5® solutions help integrate disparate technologies to provide greater control of the infrastructure, improve application delivery and data management, and give users seamless, secure, and accelerated access to applications from their corporate desktops and smart devices. An open architectural framework enables F5 customers to apply business policies at “strategic points of control” across the IT infrastructure and into the public cloud. F5 products give customers the agility they need to align IT with changing business conditions, deploy scalable solutions on demand, and manage mobile access to data and services. Enterprises, service and cloud providers, and leading online companies worldwide rely on F5 to optimize their IT investments and drive business forward. For more information, go to www.f5.com.

You can also follow @f5networks on Twitter or visit us on Facebook for more information about F5, its partners, and technology. For a complete listing of F5 community sites, please visit www.f5.com/news-press-events/web-media/community.html.

F5, the F5 logo, BIG-IP, and Application Security Manager are trademarks or service marks of F5 Networks, Inc., in the U.S. and other countries. All other product and company names herein may be trademarks of their respective owners.

# # #

This press release may contain forward looking statements relating to future events or future financial performance that involve risks and uncertainties. Such statements can be identified by terminology such as "may," "will," "should," "expects," "plans," "anticipates," "believes," "estimates," "predicts," "potential," or "continue," or the negative of such terms or comparable terms. These statements are only predictions and actual results could differ materially from those anticipated in these statements based upon a number of factors including those identified in the company's filings with the SEC.

TAGS: