InfoSecurity -- A comprehensive magazine on IT Security (a Security magazine)

InfoSecurity April 2010

Back to Contents

Interview

“Our unified security solutions provides comprehensive approach for protecting complex environment from constantly changing threats”

Application security has its own significance in today’s internet centric business environment. It has its own challenges to be addressed, where several vendors are working hard to combat sophisticated application level threats. F5 Networks has established itself as one of the leading global application security vendors with its globally recognized solutions. We recently interviewed one of the top executives from F5 Networks to understand F5’s strategy, planning and future vision for Indian market better.

1) How do you see India as the market for application security solutions?

According to Frost & Sullivan, the potential size for the overall security market in India by 2014 will reach $494 million. Of this, SSL-VPN market will be $34.8 million. The potential market for Application Delivery Controllers in India will be $114 million by 2014. The ADC market in 2007 was $18.9 million and the SSL-VPN market was $9.9 million respectively.

2) Where does F5 Networks stand today in the security market in India today?

India is a key Asia Pacific growth market for F5. Security market is very broadly classified and encompasses many layers in an IT infrastructure. Influx of Web applications into business landscape is dynamically changing the face of application delivery market. With business applications increasingly migrating over to the Web sphere, and in line with developments on the business and technological fronts, we see India market demanding an integrated Application Delivery Networking platform. More and more enterprises will look for converged needs in application delivery – high availability, security and performance.

Any business, infrastructure, users, applications, and data are under constant threat from unauthorized access and malicious attacks. With flexible, efficient, and cost-effective security, F5 can help minimize the risks that come with serving customers and sustaining a mobile workforce. From enterprise and access security to network and application protection, F5's unified security solutions give a comprehensive approach to protecting complex environment from constantly changing threats. Investment in security has traditionally been at the network layer. This is no doubt important, but as seen from various recent cases of security attacks, application security and its associated vulnerability is of concern.

3) Could you kindly explain us the evolution of application security in context of Indian market?

In India, the traditional approach to security was limited to firewall or anti-virus or anti-spam. But today, due to increased mobility, diverse user-base, higher user expectations, internal threats, and regulatory requirements, the security scene has become complex. The network access is no more limited to a few trusted employees. The cyber attacks also have become sophisticated. As users and applications multiply and mobilize, the cost and difficulty of managing security, access and delivery increase exponentially.

Today, global enterprises are moving towards securing application delivery infrastructure. As the first consequence of this, there is tremendous growth in securing and optimizing delivery of web applications. And as more applications get web-enabled, the internet oriented risks increase. We expect significant growth in SSL-based virtual private networks that facilitate identity management, granular access, network admission control and an ability to have different locations meshed together in to one big network. We also expect a simultaneous growth in the application delivery infrastructures.

4) How big is the challenge today in application security market considering the ever changing game of hackers and continuously evolved blended, complicated and sophisticated attacks?

5) How strong is your R&D activity in security and what is the current roadmap? With the ever increasing anti-malware management challenge, how is F5 Networks positioned to address the same?

F5 Networks is in the business of continuous improvement and streamlining of Application delivery. An important area in our latest release of BIG-IP v10.1 tackles existing and emerging web security threats, while optimizing web applications to enhance end-user experience. Some R&D efforts seen in the latest release are:

Confidence that users receive trusted and correct DNS responses – BIG-IP Global Traffic Manager (GTM) now provides the most trusted DNS solution while maintaining its traditional dynamic global traffic distribution capabilities.
Simplified enforcement of PCI compliance standards – Customers can build on the PCI compliance functionality in a BIG-IP Application Delivery Controller with the BIG-IP Application Security Manager (ASM) software module. The ASM module now offers new PCI compliance reports that deliver a thorough summary of conformance status.
Better protection against automated scanners and bots – To protect organizations’ valuable IP information and safeguard websites against bots that scan for known vulnerabilities, F5 has extended BIG-IP ASM capabilities to solve additional business problems like web scraping. This feature prevents data extraction and misuse that impacts businesses’ revenue, and can dramatically reduce customers’ litigation costs.
Integrated and comprehensive reporting on every security violation – With ASM’s new Attack Expert System, every website attack is explained and each violation includes a detailed description of the check that the ASM solution performs. The ASM solutions’ geolocation chart reporting enables customers to pinpoint the country where the attack originated, along with the violation, severity, IP address, and more. This executive summary provides in-depth reporting and allows for fast mitigation and easy management.
Reduced CapEx/OpEx and risk through centralized control – BIG-IP customers can now accurately determine where a user is, based on their IP address, through the new IP geolocation database now integrated with F5’s TMOS architecture.

6) What major benefit users can achieve unifying the access management for web applications?

Application performance on the WAN is affected by a large number of factors that can’t be solved by adding bandwidth alone. The natural behaviour of application protocols that were not designed for WAN conditions, application protocols that engage in excessive handshaking, and the serialization of the applications themselves can all limit performance. The new BIG-IP v10.1 release offers advanced services featuring enhanced web access management, TMOS-integrated geolocation data, and accelerated data transfers over the WAN.

BIG‑IP WAN Optimization Module (WOM) saves time and money by speeding data transfers over the WAN and enabling traffic between BIG‑IP devices to be optimized, encrypted, and highly available. BIG‑IP WOM accelerates file transfers, email, client-server applications, data replication, and more—resulting in reliable, fast performance for all users accessing applications across the WAN.

BIG-IP WebAccelerator is an advanced Web application delivery solution that provides a series of intelligent technologies that overcome performance issues involving browsers, Web application platforms, and WAN latency. By decreasing page download times, WebAccelerator offloads servers, decreases bandwidth usage, and ensures the productivity of application end users.

7) How successful has been the partners-alliance based model for F5 in security market?

F5 has doubled its partner strength since last year. We are always on the lookout for like-minded partners, who have an understanding about datacenters, application software testing and so on, and we continue to work with them. F5’s leverage model helps drive its efficacy in reaching out to partners and customers.

We are not on the lookout for location specific partners but those who have an expertise in areas such as aligning datacenter infrastructure and handling mission critical applications. We want to continue our leveraged working relationship with our partners by making them self-dependent and empowering them while building their capabilities around F5’s products. This would equip them to handle enterprise needs and even customers would think of them as not just box- pushers.

F5 assists partners in tapping newer markets and with technology expertise through its Advantage Partner Program. The National Knowledge Network Program to set up state level datacenters or markets that are not being tapped into is where we encourage our partners the most to find opportunities through programs such as the Advantage Partner Program.

We have three types of partners, Gold, Premium and Authorized partners. Our belief is that instead of evolving different types of partner models, it is important to chart out the success path that partners can deliver and benefit from.

8) What is your vision in India in next 2 years?

We would like to continue to help customers to bridge the gap from traditional to dynamic infrastructures by increasing the flexibility between users and resources. Agile IT environments allow enterprises to respond quickly to change—adding, removing, and changing application and data services on demand. The result is a powerful IT architecture—encompassing security, access, acceleration, availability, and data management—that adapts smoothly to an organization’s evolving IT requirements.

In addition to outlining a long-term strategy, F5 is helping make cloud computing and virtualization a practical reality for organizations that are running mission-critical applications. Our market leadership and growth is indicative of our employee commitment, strategic vision and ability to execute