F5 Advanced Web Application Firewall
Connect to the Extended Enterprise with Confidence and Security

Overview:

Web attacks are the leading cause of data breaches. Despite the best efforts of secure application- and patch-management processes, half of all applications remain vulnerable, 24x7. Web application firewalls (WAF) protect your applications from data breaches by fixing vulnerabilities and stopping attacks. F5 Advanced WAF helps defend against attacks that target bot protection, application-layer encryption, APIs, and behavior analytics.

Attackers have embraced the use of automation to scan your applications for vulnerabilities, attack account credentials, or cause denial of service (DoS). F5’s proactive bot defenses stop automated attacks and leverage a combination of challenge- and behavior-based techniques to identify and filter out bot traffic. By stopping bad bots, you can eliminate many of these opportunistic attacks.

Seventy-five percent of data breaches start with identity attacks. Advanced WAF includes F5 DataSafe to help encrypt data and credentials at the application-layer—without having to update the application. This encrypts the data as it passes through the Advanced WAF solution.

Behavior analytics are a requirement for detecting blended attacks. Many layer 7 distributed denial-of-service (DDoS) attacks are stealthy and may go undetected by traditional signatures and reputation-based solutions. Advanced WAF automatically learns the application behavior, then combines the behavioral heuristics of traffic with the server stress to determine DDoS conditions. This process provides the most accurate detection without false positives. Dynamic signatures are then created and deployed on the fly for real-time protection.

Why F5 Advanced WAF?

Your apps are your business. Problem is, applications are the initial target in 53 percent of breaches. F5 Advanced WAF protects against the most prevalent attacks on your apps, without having to update the apps themselves:

• Automated attacks and bots that can overwhelm application resources
• Attacks that steal application credentials or take advantage of compromised accounts
• Application-layer attacks that evade signature- and reputation-based security solutions
• New attack surfaces and threats due to the rapid adoption of APIs
• Bots that target browser-based and mobile clients

Key Benefits

• Protect your web applications from vulnerabilities and web attacks
• Identify and mitigate automated attacks by bots and other attack tools before they cause damage
• Identify attacks using machine learning to detect and mitigate attacks with the highest level of accuracy

Features:

Proactive Bot Protection
Proactively defend your applications against automated attacks by bot and other attack tools. This prevents layer 7 DoS attacks, web scraping, and brute-force attacks. Proactive bot defense helps identify and mitigate attacks before they cause damage to the site.

DataSafe
Protect sensitive information from interception by encrypting data while it’s still in the browser. DataSafe encrypts data at the application layer to protect against malware and keyloggers. This renders leaked credentials or data useless.

Behavioral DoS
Behavioral DoS provides automatic protection against DDoS attacks by analyzing traffic behavior using machine learning and data analysis. By continuously monitoring server health and load, anomalies (performance slowdowns or traffic spikes) can be accurately detected and mitigated as needed.

Flexible Deployment
Available as a purpose-built appliance, a cloud-ready virtual appliance, or part of the F5 Silverline service.

Advanced Application Protection
Advanced WAF is more than an incremental increase in application security. It’s a fundamental transformation that combines machine learning, threat intelligence, and deep application expertise.

Proactive Bot Defense
Identifies malicious bots that bypass standard detection methods and mitigates threats before they do damage. Protects apps from automated attacks by bots and other automated attack tools, helping prevent layer 7 DoS attacks, web scraping, brute force attacks, and more.

Anti-bot Mobile SDK
When combined with F5 WAF solutions, secures and protects mobile applications from bots and automated attacks via application whitelisting, behavioral analysis, secure cookie validation, and advanced app hardening.

Credential Protection
DataSafe encryption protects sensitive information from interception by obfuscating fields and encrypting sensitive data. DataSafe encrypts data at the application layer to protect against data-extracting malware and keyloggers, rendering stolen data useless.

Behavioral Analytics
Behavioral analytics and machine learning provide highly accurate L7 DDoS detection and mitigation.

API Protocol Security
Deploys tools that secure REST/JSON, XML, and GWT APIs.

Deployment:

Documentation:

Download the F5 Advanced Web Application Firewalls Datasheet (.PDF)