F5 Networks Ups Firewall Performance Game

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

At a time when the need for speed never mattered more to security, F5 Networks is adding a firewall to its application delivery controller (ADC) platform that is capable of providing 640 Gbps of throughput across 288 million concurrent sessions or a total of 8 million connections per second.

That may sound like performance levels that most IT organizations are never going to need. But it turns out that the perpetrators of malware have been increasing the volume of their attacks as part of an effort to overcome security defenses by sheer brute force. The basic idea is to overwhelm the security infrastructure’s ability to respond to the volume of attacks, most notably in the form of distributed denial of service (DDoS) attacks.

F5 Networks is able to attain these performance levels because the Big IP Advanced Firewall Manager is actually a software blade that plugs into the company’s application delivery controller (ADC) platform, which F5 Networks also refreshed this week using the latest Intel processors.

Brian Lazear, senior director of product management for security at F5 Networks, says the combination of an ADC and software-based firewall not only allows F5 Networks to attain substantially higher levels of performance, but it also serves to lower the cost of security by deploying the firewall directly inside the ADC platform, versus requiring the IT organization to deploy a separate dedicated appliance. In essence, the ADC platform now provides a common control plane for managing both application and performance, says Lazear.

There’s no doubt that firewall performance is going to become a bigger issue in 2013, especially as IT organizations expose more applications externally across the Web. The debate is going to center around the best way to go about deploying the firewalls with an eye towards keeping the total costs of security manageable. That’s not going to necessarily deter anybody from attacking your site. But it does mean that the amount of effort they will have to put behind it to succeed will be substantially higher.