F5 Dials Up DDoS Protection with Silverline Service
DDoS protection technology from defence.net gets integrated into F5's portfolio.
F5 is expanding its services portfolio with its new Silverline cloud services portfolio. First up in Silverline is an expanded Distributed Denial of Service (DDoS) capability that is built on top of the defence.net technology that F5 acquired in May of this year.
F5 CTO Karl Triebes explained to Enterprise Networking Planet that many people think of F5 as just being a hardware vendor, but that really isn't really the case.
"The value is in the functionality embedded in our software," Triebes said.
That's where the the new Silverline effort, part of the larger Synthesis Software Defined Application Services effort first announced in November 2014, comes into play.
"Synthesis is the notion of being able to run all our functionality, regardless of the infrastructure it is running on," Triebes said. "Silverline is the services offering that fits into Synthesis."
The first Silverline service is DDoS, which will have both on-premises and cloud components. The capability to handle the volumetric cloud side of DDoS is partially delivered by defence.net features. defence.net was founded by Barrett Lyon, who also founded Prolexic, a DDoS vendor that was acquired by Akamai for $370 million in December of 2013.
Triebes emphasized that the F5 is not a Content Delivery Network (CDN) provider like Akamai. Instead, F5 optimizes applications. In his view, by coupling the on-premises features with the cloud, F5 is able to differentiate itself from the Akamai/Prolexic offering.
Going a step further, Triebes said that the plan is to extend the DDoS protection capability by offering F5's Web Application Firewall (WAF) as a service. F5's WAF takes into account even finer-grained detail about what applications look like and what is going on. An additional future service that might be enabled is anti-fraud.
"We provide a true defense in depth solution, from a layered approach all the way up to the application," Triebes said.
DDoS attacks can take many different forms, including NTP and DNS reflection attacks, which were common at the beginning of the year.
"We block against a tonne of vectors," Triebes said. "Because we have a proxy base, if we suspect someone is being DDoS'ed, we can inject, for example, a CAPTCHA challenge."
Triebes said that the ability to interrogate and inspect traffic is a key value-add for F5.
From a hardware perspective, an enterprise does not have to be using physical F5 hardware to benefit from Silverline services, which are sold on a subscription model basis.
"You don't need to be using our products in your data center. You can just consume the service," Triebes said. "We'll protect your application infrastructure regardless."
Photo courtesy of Shutterstock.
Sean Michael Kerner is a senior editor at Enterprise Networking Planet and InternetNews.com. Follow him on Twitter @TechJournalist.