"F5 faces an uphill contest with vendors that offer both SSL and IPsec, and should reconsider whether to build or acquire client-based IPsec support," Gartner reported.
That aside, the F5 approach of combining different point solutions into one powerful data center firewall is a viable approach, said Jeff Wilson, a principal security analyst at Infonetics research.
Even though the typical enterprise data center may not be as much of a target of a malicious DDoS attack as would a financial institution or a government agency, data centers are still high-value assets that need enhanced protection for today's threats, Wilson said.
"Since data centers typically process a lot of traffic, have high bandwidth connections and have a lot of high-capacity gear, when attacks are aimed at them they tend to be very fast attacks, but the typical firewall isn't designed to handle a DDoS attack," he said. "The scale of the attacks is really what's at issue in a data center."
F5 compared its BIG-IP 11050 to the Juniper SRX 3400 on throughput, connections per second and the number of concurrent connections it can support. Wilson says that's because Juniper has a significant foothold in the data center and, like F5 and other network security vendors, is trying to expand its presence in those data centers. He identified HP's Tipping Point and CheckPoint as among other vendors going up against F5.
Learn more about Data Encryption by subscribing to Network Computing Pro Reports (free, registration required).