Release Notes: F5 Essential App Protect Service¶
Essential App Protect Service provides instant, out-of-the-box protection from common web exploits, malicious IPs and coordinated attack types. It includes a live interactive map display, integration with F5 Labs, and multiple web application firewall (WAF) security capabilities.
- Configuration versioning allows undo and roll-back capabilities - see Service-specific Events and Roll back Confiruration Changes.
- Newly discovered attack signatures are now automatically added and logged as service events - see Service-specific Events.
- Deployed new service regions - see Whitelist Essential App Protect.
- Known attack signatures are now identified by ID in the portal, shown in the documentation, and available through the API.
- Listeners for HTTP and HTTPS, SSL/TLS certificates, and the choice to redirect HTTP traffic to HTTPS can now be easily updated from within the portal.
- Regions can now be completely managed in the portal, allowing you to add, modify, and delete.
- Service configuration changes are now logged so you can track what changed, when, and by whom.
General Availability (GA) Release 2020-03-17¶
This is the first general availability release following a successful preview period.
- Out-of-the-box protection against common web exploits, malicious IPs, and coordinated attacks
- Checkbox-simple setup and configuration—Setup instructions
- Tight integration with F5 Labs threat intelligence
- Intuitive, graphical user interface (UI)
- Full declarative API support for integration into CI/CD pipelines
SaaS Continuous Integration, Continuous Development (CI/CD)
Essential App Protect is a SaaS solution developed using the latest CI/CD techniques for automating new feature integration and delivery, so you always have up-to-date software protecting your application. While the initial release offers great protection, our security team is continually working to deliver the latest capabilities for the best application security available. Here are some of the extensions we plan to add in the near future:
- SIEM Integration
- CDN Integration
Additionally, Essential App Protect manages the security posture for your application—our security research team will continuously search for and discover new vulnerabilities, create new attack signatures to cover them, and deliver as part of our regular updates. For those who want to manually control the attack signatures and certain security settings, we’ll be adding the following UI capabilities:
- Listing/disabling/enabling specific attack signatures for your application
- Uploading TLS cert post onboarding
- Creating new endpoints with the portal
- Fixed: User was not able to change or add an SSL/TLS certificate on subscriptions that were already active.
- Fixed: NGINX was replacing Host header with an incorrect value—Host: backend:8080. Essential App Protect now preserves the original Host header.
- Everything else is fine, we hope.
Getting help for F5 Cloud Services¶
You can find additional support resources and technical documentation through a variety of sources: