F5 Silverline DDoS Protection Review

The core features help us with compliance but the reporting needs to be improved


What is our primary use case?

There are many use cases, but the most important one is due to the Central Bank policy which states that we must make it only accessible within Iran. It restricts people from making transactions outside of Iran.

How has it helped my organization?

There is an external auditor that provides us with a checklist that has the security processes and policies that we need to follow, and this assists us with compliance. We are using these multi-brand devices between the outside traffic and inside traffic. Because we are watching all of the transactions, the solution really helps us to monitor all of the logs. We can see all of the transactions and determine whether they are inside or outside of Iran.

It also helps us in the Security Operations Center to analyze the logs and attacks for instant handling.

What is most valuable?

The most valuable features are the LTM, Local Traffic Management, and ASM, Application Security Management. These two modules are really useful for us because we can monitor the application layer and also the inside traffic management.

We also use GTM, Global Traffic Management, but LTM is more useful for us.

What needs improvement?

The reporting should be much better because it's really hard to generate reports with F5. We export the reports to other file extensions and then have to import them in order to create a graph. The reporting should be much, much better.

The TM (Traffic Management) shell also needs improvement. You need to have Linux knowledge in order to use the shell.

The user interface could be better, as well.

We have complaints about the reliability of this solution. However, because we are in Iran and there are licensing restrictions, we cannot use other, more recognized products, such as the Palo Alto Networks Firewall, or Cisco. We also cannot use cloud-based security because of sanctions.

For how long have I used the solution?

Almost a year.

What do I think about the stability of the solution?

We have a lot of businesses that we put behind this solution and it has really helped us in terms of monitoring the logs and incidents.

What do I think about the scalability of the solution?

We haven't had any problems in terms of scalability. However, we had to use more hardware because of the enterprise business that we have.

Next year, we have an additional phase for improving the infrastructure. At that time we may expand the usage of this solution and perhaps buy some other products as well.

How are customer service and technical support?

I would rate the technical support five out of ten. We have a local vendor here for these products, and we cannot work directly with F5 because it is based in the US.

Because we cannot directly contact the US, we have to communicate problems to the company based in Iran. If the problem is serious then I think they make contact with their connections outside of Iran.

If you previously used a different solution, which one did you use and why did you switch?

Prior to using this solution we used Fortinet. I do not know why we switched because the transition had happened before I joined the company.

How was the initial setup?

The initial setup for this solution is not really complex.

We did all of the manual procedures. The design phase was kind of complex, but this was because of the complexity of our network. It has nothing to do with the product.

The deployment took about a week. We had it run in a test environment first before going into live production.

The analyzing of logs and investigation of incidents is performed by security analysts who are part of the information security department. The maintenance of this solution is the responsibility of the network group. There is a network administrator and some network juniors who take care of it. In total, four people work with this solution.

What about the implementation team?

Our in-house network people were responsible for the implementation. We gave them the policies and they took care of it.

The local vendor assisted us by giving us some best practices and use cases.

What was our ROI?

We have seen ROI because it is really useful for us.

What other advice do I have?

This is a good product that you can rely on. It has great features, including the LTM, ASM, and GTM. You can improve your security with this product.

Because I am the SOC manager and reporting is really important for me, I cannot give this product a perfect score.

I would rate this solution a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email