More

    F5 Networks Ups Firewall Performance Game

    At a time when the need for speed never mattered more to security, F5 Networks is adding a firewall to its application delivery controller (ADC) platform that is capable of providing 640 Gbps of throughput across 288 million concurrent sessions or a total of 8 million connections per second.

    That may sound like performance levels that most IT organizations are never going to need. But it turns out that the perpetrators of malware have been increasing the volume of their attacks as part of an effort to overcome security defenses by sheer brute force. The basic idea is to overwhelm the security infrastructure’s ability to respond to the volume of attacks, most notably in the form of distributed denial of service (DDoS) attacks.

    F5 Networks is able to attain these performance levels because the Big IP Advanced Firewall Manager is actually a software blade that plugs into the company’s application delivery controller (ADC) platform, which F5 Networks also refreshed this week using the latest Intel processors.

    Brian Lazear, senior director of product management for security at F5 Networks, says the combination of an ADC and software-based firewall not only allows F5 Networks to attain substantially higher levels of performance, but it also serves to lower the cost of security by deploying the firewall directly inside the ADC platform, versus requiring the IT organization to deploy a separate dedicated appliance. In essence, the ADC platform now provides a common control plane for managing both application and performance, says Lazear.

    There’s no doubt that firewall performance is going to become a bigger issue in 2013, especially as IT organizations expose more applications externally across the Web. The debate is going to center around the best way to go about deploying the firewalls with an eye towards keeping the total costs of security manageable. That’s not going to necessarily deter anybody from attacking your site. But it does mean that the amount of effort they will have to put behind it to succeed will be substantially higher.

    Mike Vizard
    Mike Vizard
    Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.

    Latest Articles