Web Application Firewall
F5 gives you WAF options recognized by independent analysts for their power and value. With F5’s application focus, Layer 7 protection expertise, bot detection and behavioral analysis capabilities, you get the power and flexibility to cover a broader range of threats. With compliance, integrations, and dynamic learning, F5’s WAF is the most comprehensive application security solution on the market, providing consistent protection to applications located anywhere in a hybrid cloud environment.
With F5 as the strategic point of control in your network, you’ll get unique levels of visibility into encrypted traffic as well as flexible deployment modes, dynamic security service chaining and full cipher support. F5 security solutions manage SSL to give you better performance and effectiveness across your security stack. And because F5’s high performance SSL/TLS stack is custom-built over 15 years, F5 customers aren’t typically vulnerable to OpenSSL flaws like Heartbleed.
Identity Federation and Remote Access
Our remote access and identity federation solutions let you customize the security policies that follow your apps, providing centralized and secure authentication and access control for users—no matter where they are or what device they’re using. Our contextual, dynamic, and risk-based approach to application access improves the user experience and scales without limits. And the policies and controls you create stay consistent wherever your apps are deployed.
F5's BIG-IP traffic management modules effortlessly transform large, chaotic volumes of network traffic into logically assembled streams of data, before making intelligent local and global traffic management decisions - optimally selecting the right end point server based on its performance, availability and security status.
iRules are custom scripts that you write if you want to make use of some of the extended capabilities of the BIG-IP that are unavailable via the CLI or GUI. iRules allow you to more directly interact with the traffic passing through the device enabling you to send traffic not only to pools, but also to individual pool members, ports, or URIs. And directing traffic to a desired pool is only the beginning, with logging, traffic redirecting and URL modification just some other capabilities.