F5 Distributed Cloud Bot Defense (formerly Shape Defense, acquired January 2020) provides security to protect a website from bots, fake users, and unauthorized transactions, preventing large scale fraud and eroded user experiences. Companies get visibility, detection and mitigation outcomes to reduce fraud and cloud hosting, bandwidth and compute costs, improve user experiences, and optimize their business based on real human traffic.
N/A
SecureLink Enterprise Access
Score 9.3 out of 10
N/A
SecureLink is a platform for remote support in regulated industries. Enterprise software vendors use SecureLink to deliver remote support and services. Hospitals, banks, casinos and other regulated entities use SecureLink to authenticate, control and audit remote access for their vendors, business associates and other 3rd parties.
N/A
Zscaler Private Access
Score 9.0 out of 10
N/A
Zscaler Private Access™ (ZPA) gives users secure access to private apps and OT devices while enabling zero trust connectivity for workloads.
I'd strongly recommend it, but with a few caveats depending on how mature the team is with behavioral based security tools. One of our fintech clients was getting hit with low volume, widely spread login attempts, below our rate limiting thresholds. F5 Distributed Cloud Bot Defense was able to flag abnormal input timings, inconsistent device fingerprinting and high entropy in field population behavior. You can only imagine the wave of downstream account lockouts this saved the client. On the other end we had a client with a real time trading platform using Graphql over websockets. F5 Distributed Cloud Bot Defense wasn't able to tap into that stream natively. we had to reverse engineer a proxy layer to inspect events. It worked but it was clunky and not officially supported
It does exactly what it needs to. The only times I've had serious issues with rolling out to a vendor is when they have a "contractual agreement" to only use their solution. Almost every vendor that I've worked with and shown this product to has been skeptical for the first 5 minutes and fully converted to liking the ease of use of the product by 10 minutes
Zscaler Private Access works really well in environments setup for FQDNs and where you know what users should/shouldn't be accessing on what ports. You can use Zscaler Private Access to figure out these kinds of features but that doesn't always mean you'll be correct. It also provides a consistent experience for users as they can access their materials anywhere. It also makes the user the last line of defense. If a user's account is compromised then the attacker has access to everything they already did. It doesn't work great in OT environments or Server based environments. Flows have to be initiated from the client and not the server for stuff to behave properly.
Quickly helps mitigate the retooling and newer advanced bot attacks
Excellent customer service from our f5 bot Defense team/partners
Easy to do Traffic Analysis/False Positive reviews with their dashboard of data
Our F5 Security/Solutions Architect and TAM is always there for us whenever we need them
First class service by the F5 Distributed Cloud Bot DefenseSOC, the Tactics Team, the F5 Testing person that helps us, the mobile SDK experts, the Client-Side Signals experts and F5 management
Industry best Threat Briefings
Not only is F5 Distributed Cloud Bot Defense great at stopping the advanced bot attacks, they also have protection against any tampering or replay attacks.
Java based. Always an issue. I know they are working on this and it will be Javaless if we need it. I know that Java can cause issues across the board and I understand the need of it, but it does not make it any better when there are Java issues.
Stronger integration with the Active Directory. Currently its only read-only, which is good and bad.
I would love to see an App. I know they are working on this as well.
Application Segmentation and Listener Configuration - The way applications are defined and listened for is fundamental to ZPA, but can be a source of frustration, especially when dealing with legacy or non-HTTP protocols
The ZCC is the user's primary gateway, but its control over local system network behavior can sometimes clash with enterprise requirements.
The environment feels more secure, and we are seeing that users are adapting to it fast. The fact that we have tools to assist the users with their day-to-day access helps, as we can hand it off to the helpdesk without any escalations to the Network team. It is a work in progress for our agency, but we are seeing the benefits from the solution.
Official support can sometimes take time to reach the right people. However, once you are in contact with the appropriate experts, the support is excellent, as F5 staff are true specialists. On the other hand, we always receive prompt assistance from our local sales team, who typically help us connect with the right people quickly.
The employees at Securelink have always been responsive and seem to be invested in the success of my company. They truly understand what their product means to us so if there is a problem, they are always willing to help. In the rare event that something is found on their end, they will be proactive and reach out to someone to help and get something on calendar for a fix
Implementation of Distributed Cloud is accomplished a few different ways, it would pay to meet with the F5 team and map out your implementation prior to acquisition to make sure you Infrastructure and Operations teams are aligned to the approach and requirements.
Clodflare bot management was our other obvious option for us. We tested it on a staging version of our RFQ platform. It was great for broad traffic filtering but had a hard time with nuanced differences between real subcontractors and low volume bots mimickingt human input whereas that's where F5 Distributed Cloud Bot Defense thrived
Securelink seems to work better than LogMein for a large enterprise group. Our company has over 10,000 different connections and securelink manages them well.
Well ZPA is a good solution, however everyone has their own advantage and disadvantages, with ZPA you can deploy ZTNA model, which will help you better control on access, however Palo Alto, Fortinet they are also market leading firewall solution, and you can not deny if they are not providing the same features.
F5 Distributed Cloud Bot Defense has helped our customers identify real human traffic and bot traffic, allowing them to prioritize real traffic to applications and improve cloud service usage.
F5 Distributed Cloud Bot Defense ha ayudado a nuestros clientes a poder identificar cuál es el tráfico real de personas y cual el de Bot para así poder priorizar el tráfico real hacia las aplicaciones mejorando los consumos de servicios en nube.
I've found that Securelink allows me to get a vendor access to an application for support purposes much faster than a provisioned VPN account and the red tape around this. I can set up a vendor to access an application suite in a half hour and it will be more secure than regular provisioning.
The ROI is yet to be seen on this, but it certainly makes Compliance, Internal Audit, and Legal very happy, which helps everybody.
Internally, there is much more push back and it has been problematic. For a tech, to have to log in to a server and navigate to a system is considered cumbersome, when before all they had to do was open up Putty or RDP to a server to get in. The only way to combat this is to force them to use Securelink by removing rights. Near impossible for the domain admins.
Positive: We have now charged users internally for the service
Negative: Dealing with users who also have the Zscaler Client Connector for their company, can cause confusions
Negative: Enabling the Zscaler Internet Access entitlement has been a major headache for us because Zscaler Private Access users can't autheniticate through ZIA on a non corporate device.
