For years large organizations have struggled with orchestrating machine identities across load balancers and other network components. Now F5 Networks has addressed that problem by building native integration capabilities for the Venafi Platform into the F5 BIG-IQ Centralized Management solution. The new Venafi integration with BIG-IQ improves protection for organizations by allowing network operations to orchestrate the entire lifecycle of SSL/TLS certificates, scale the process at DevOps speed and ensure security policies are enforced across F5 devices.
As digital transformation drives advances in DevOps, multi-cloud and microservice strategies, the number of machine identities—like TLS keys and certificates—on enterprise networks is exploding. Without automation for TLS keys and certificates, organizations can be hampered by costly outages from expired certificates. In spite of suffering from these avoidable errors, organizations often try solving these problems by cobbling together scripts and spreadsheets.
Minimizing Human Error for Machine Identities
F5 BIG-IQ Centralized Management offers organizations complete lifecycle management for BIG-IP application services and devices—enabling them to provide the availability, performance and security necessary to achieve digital transformation goals. With the latest release of BIG-IQ, enterprises can orchestrate and inject automation into the process of assigning and managing TLS keys with the Venafi Platform, removing the complexity of TLS key and certificate usage. BIG-IQ customers can connect to more than 40 certificate authorities (CAs) supported by the Venafi Platform. In addition, security policies are enforced without slowing BIG-IP operations.
Key benefits of the integration include:
- Accelerated innovation and increased scalability. The integration automates complex machine identity installation and configuration across BIG-IP environments using BIG-IQ Centralized Management automation.
- Streamlined operations through automation. Enterprises can avoid human error and bottlenecks caused by manual oversight of machine identities with BIG-IQ and Venafi.
- Outage and downtime prevention. The F5 integration with Venafi prevents incidents and outages associated with expired certificates and helps avoid issues stemming from the recertification process.
- Increased security. The solution uses security team-approved policies and provides visibility into machine identities used across BIG-IP deployments.
- Reduced administrative overhead. The integration simplifies and accelerates the ability to secure machine identities—for physical and virtual machines—across complex infrastructures.
Great for Protecting Machine Identities, Great for our Customers
“The integration of BIG-IQ and the Venafi Trust Protection Platform significantly accelerates the delivery of secure, compliant certificates to devices, applications, containers and algorithms that require them to connect and communicate securely,” says Calvin Rowland, SVP of Business Development at F5. “This is a key security capability for organizations moving more workloads to the cloud, embracing DevOps methodologies, and adopting technologies such as IoT and AI.”
“Our new combined solution provides mutual customers with extensive visibility and intelligence, making it easy for teams using F5’s BIG-IP to protect their TLS certificates,” notes Kevin Bocek, vice president of security strategy and threat intelligence at Venafi.
Want to learn how this integration can benefit your organizations? Read these solution and technical overviews from F5:
- F5 and Venafi solution overview.Automating Protection: Machine Identities
- dev/central article.F5/Venafi Solution for Enterprise Key and Certificate Management