WIXLIB

Selling Hybrid WAFStep 3: Only Vendor with Dynamic One-Click PatchingUnsurpassed integrations: BIG-IP ASM and leading DAST vendors1. Apps have vulnerabilities!2. Recommend vulnerability assessment (VA)scanning virtual patching Virtual-patching with one-click on BIG-IP ASM Manual patching guidanceVA/DAST Solutions3. Fast verification and policy deployment Verify, assess, resolve, and retest in one UI Automatic or manual creation of policies Discovery and remediation in minutes Automatic notification of website changes

Selling Hybrid WAFStep 4: Stress Flexible Deployment OptionsData CenterDevicesLoad Balancing DDoS Protection Application SecurityInternetProtection in the data centerVIPRION PlatformBIG-IP ASM Install on any BIG-IP platform to protect applications in thedata center. Deploy as an add-on to BIG-IP products in use or run it asa standalone.Securing applications in the cloudBIG-IP ASM VE Activate securityservices close to appsthat have moved to theBIG-IPcloudVirtual Edition Accelerate development. and testF5 Silverline WAF protection Recommended for fast activationof ASM protections for SMBs andenterprise-wide SAAS and tier 2applications.HINT: RECOMMEND HYBRID WAF IN EVERY DEAL!

Selling SilverlineWeb Application Firewall

Selling Silverline WAF4 Key Steps to Selling Silverline WAF1Share key value and underscore BIG-IP ASM foundation2Position Silverline WAF appropriately3Emphasize the F5 SOC and key differentiators4Handle objections and engage Silverline sales experts

Selling Silverline WAFStep 1: Share Key Silverline WAF ValueProven security effectiveness as a convenient cloud-based service Protect web apps and data from layer 7attacks with F5 cloud-based WAF Leverage 24x7x365 F5 SOC support forpolicy creation and attack management Enable compliance, such as PCI DSS Outsource app security expertise Built on #1 most effective WAF (99.89%) inclass Built on #1 deployed WAFCloudL7 Protection:Geolocation attacks, DDoS, SQLinjection, OWASP Top Tenattacks, zero-day threats, AJAXapplications, JSON payloadsLegitimateUserAttackers F5 Networks, IncPrivate CloudHosted Web AppWeb ApplicationFirewall ServicesWAFWAFF5 SilverlinePhysical HostedWeb AppVA/DASTScansPolicy can be builtfrom 3rd Party DASTPublic CloudHosted Web App

Selling Silverline WAFStep 2: Position Silverline WAF AppropriatelyAll the capabilities of BIG-IP ASM, now a managed services offeringWHAT IT IS Fully managed, enterprise-gradeservice built on BIG-IP ASMService in which the SOC creates,modifies, monitors, and tunes allpolicies on behalf of the customerCustomer portal showing violationevents, proxy statistics and reports*WHAT IT IS NOT Managed service for on-premisesBIG-IP ASM within a customer’s datacenter Self-service portal in which thecustomer configures their own policies(NOT self-service WAF)CDN (content distribution network) * Limited on initial releasePay-as-you-go, monthly, limitedservice

Selling Silverline WAFStep 2: Focus on Two Common Use CasesPROTECT SECONDARY WEB APPS1. Keep BIG-IP ASM on-premises toprotect primary, business-critical apps2. Deploy Silverline Web App Firewall toprotect secondary apps Applications moving to the cloud SaaS apps PROTECT ALL WEB APPS1. Deploy Silverline WAF and protect allapps no matter where they reside2. Drive operational and costefficiencies Customers without sufficient securitystaff to manage WAF policiesProductivity apps Customers building cloud data centers Legacy apps Less frequently used appsNeed a simpler way to provideconsistent WAF protections acrosshybrid instancesNO APP LEFT UNPROTECTED

Selling Silverline WAFStep 3: Emphasize the F5 Security Operations Center (SOC)Reduce operating costs by outsourcing WAF policy management to F5 SOC expertsF5 security experts proactively monitor andfine-tune policies to protect web applicationsand data from new and emerging threats. Expert policy setup Policy fine-tuningF5 Security Operations CenterExpert Policy Setup andManagement Proactive alert monitoring False positives tuning Detection tuning Whitelist/Blacklist set up and monitoringAvailability Support F5 customer portal visibility F5 Networks, IncActive Threat Monitoring

Selling Silverline WAFStep 3: Highlight Silverline WAF Key Differentiators Designed with #1 most deployed andeffective WAF in class: BIG-IP ASM High level of service from F5 SOCexperts: Gain attack insights via F5 Customer Portal 24x7x365 SOC support Expert policy creation 2780 signatures for best protection Dynamic vulnerability protections withthe ability to share VA/DAST scans Highly-customizable programmability Design iRules and iApps to protectagainst zero-day threats Future integrations with BIG-IP ASM toprovide hybrid WAF services and APIs

Winning with Hybrid WAF

Winning with Hybrid WAFF5 Customer CaseStudiesLTMASMAPMAFMAAMGTM“The attacks happen; the attacks getblocked. If we need to changesomething, the interface is simpleenough that we can go in and make allthe adjustments in a matter of minutes—without taking anything offline.”VIPRION—Chris Thomas, Network Manager, CARFAXKey Benefits of F5 Guards against data theft Refuse all traffic from countries where they don’t dobusiness Simple UI supporting changes in minutes Easy to manage as part of a consolidated platformView video on F5.com

Winning with Hybrid WAFF5 Customer Case StudiesLTMASM“With the F5 solution, we’re getting farfewer false positives, so we’reallowing more legitimate traffic.Because F5 enables deep packetinspection, we can tell exactly what iscausing an error and know how to fixit.”—Stuart Lyons, Security Engineer at HKKey Benefits of F5 Reduces filtering of good traffic by minimizefalse positives Eliminates server downtime with virtual patching Provides more granular information, withincreased flexibility and configurability Excellent quality of service with 24x7x365support

Platforms: Create Great Customer ValueF5 Platforms25M2000 series*200M4000 series1Gbps5000 SeriesVirtual3Gbps7000 Series5Gbps10Gbps10000 Series12000 SeriesPhysicalF5 softwareF5 hardwareProvide flexible deployment options for virtualenvironments and the cloud with virtualeditionsHigh-performance with specialized anddedicated hardwareVirtual editions are best for: Accelerated deploymentMaximizing data center efficiencyPrivate and public cloud deploymentsApplication or tenant-based podsKeeping security close to the appLab, test, and QA deploymentsVIPRION 2200VIPRION 2400VIPRION 4480VIPRION 4800HybridPhysical virtual hybrid ADC infrastructureUltimate flexibility and performancePhysical hardware is best for:Fastest performanceHighest scaleSSL offload, compression, and DoS mitigationAn all-F5 solution: integrated HW SWEdge and front-door servicesPurpose-built isolation for application deliveryworkloadsHybrid is best for: Transitioning from physical tovirtual and private data center tocloud Cloud bursting Splitting large workloads Tiered levels of service*Note: 2000 Series appliances is not offered with Better or Best bundles

How Customers Buy F5Virtual Editions: Find an F5-Ready Public Cloud ProviderVerified by F5 for greater cloud confidenceF5-VerifiedGlobal-ReachingFlexibleBIG-IP VE products verifiedby F5 for compatibility inF5-ready clouds.F5-verified providers spanAmericas, EMEA, and APACfor broad reach and selection.Variety of purchase options:BYOL, on-demand utility billing,volume licensing subscription.Note: F5 adds new partners on a regular cadence, check f5.com/f5ready for the most up-to-date list

Drive Greater ROI with Services—2 ChoicesDriving customer satisfaction throughout the solution lifecycleDEVELOP AND RESELL YOUR SERVICESMaximize performance, health, security Product Training F5 University F5 UNITY Gold or Platinum Partner Status F5 Certified Engineer(s) Proactive Assessments and IntegrationServices Utilizing iHealth/AskF5/DevCentralRESELL F5 PROFESSIONAL SERVICESRecommended practices design deploymentutilizing: Solution Definition Workshops (SDW) Projection Definition Workshop (PDW) Design and Implementation Services Migration and Upgrade ServicesAmericas: consultingsales@f5.com

Make More Money Selling F5 Hybrid WAF Products!What’s in it for you? Expand your business and sell WAF products to protect all web apps Increase deal size of existing security solutions with F5 hybrid WAF (BIG-IP ASM andSilverline Web Application Firewall) Set the stage for future solution offerings tied to the broader F5 security portfolioChannel Program: Vault Security Program Earn up to up to 20,000 for each qualified Vault Security opportunity Earn a 2x accelerator when you sell Silverline WAF with qualifying VAULT SKUs Sell Better or Best Virtual Edition Volume License Subscriptions (VLS) Stack your incentives for the highest payoutLanding Page on Partner Central

How Customers Buy F5Call to ActionReview all app. security use cases and opportunities leveraging PartnerCentral resources and your CAM as you increase BIG-IP ASM andSilverline Web Application Firewall salesIdentify current portfolio and new prospects that need or find value incloud-based application servicesEnable prospect education on F5 hybrid WAF use cases, benefits,services, and sales toolsDeliver growth by recommending F5 Web App Firewall services for allhybrid environmentsYOUR MISSION: SELL HYBRID WAF! NO APP LEFT UNPROTECTED.

GiveFeedback–GetPoints! Addclasstoyourpersonalschedule. SurveywillpopupinMobileApp. Answerthemultiplechoice. Submityourquestiontocomplete. Receive5points!

WAF Market and Customer ChallengesImportant Trends in Threat VectorsINTERNET OF THINGS 2016 F5 Networks47

WAF Market and Customer ChallengesImportant Trends in Threat VectorsINTERNET OF THINGS100sEMERGING DEVICESAND APPLICATIONS 2016 F5 Networks47

WAF Market and Customer ChallengesApplication Attacks Hurt Your BusinessEvolving Security ThreatsSource 1: Ponemon Institute, 2015 Cost of Cyber Crime Study, 2 IBM Security Services, 2015Cyber Security Intelligence Index 2016 F5 Networks48

WAF Market and Customer ChallengesApplication Attacks Hurt Your BusinessEvolving Security Threats 7.7MAverage cost of cybercrime per company199Successful attacksper year per company181MMonitored cyberattacks Worldwide2Source 1: Ponemon Institute, 2015 Cost of Cyber Crime Study, 2 IBM Security Services, 2015Cyber Security Intelligence Index 2016 F5 Networks48

WAF Market and Customer ChallengesApplication Attacks Hurt Your BusinessEvolving Security Threats 7.7MAverage cost of cybercrime per company199Successful attacksper year per company181MMonitored cyberattacks Worldwide2Damages brand reputation.Results in significant downtime andrevenue loss.Compromises sensitive enterprise,employee, and customer data.Breaches compliance requiredto conduct business online.Source 1: Ponemon Institute, 2015 Cost of Cyber Crime Study, 2 IBM Security Services, 2015Cyber Security Intelligence Index 2016 F5 Networks48

Selling Silverline WAFStep 1: Underscore ASM foundation of Silverline WAFRuns on #1 most effective in class and #1 most deployed WAF F5 Networks, Inc99.89% overallsecurityeffectivenessDeployed in moredatacentersworldwide than anyother WAFRecognized WAFon #1 ADC in themarketSilverline WAF built on BIG-IP ASMWAFVIPRION PlatformBIG-IP PlatformBIG-IP Virtual EditionF5 Silverline49

Selling Hybrid WAFStep 4: Handle Hybrid WAF ObjectionsObjectionResponseWe already have existingprotection solutions. Whatvalue does F5 add? F5 provides more flexible hybrid WAF protections that guard against sophisticated attackslike shellshock and poodle, and provides advanced proactive bot defense.Hybrid WAF products integrate with BIG-IP AFM to consolidate the data center, accelerateperformance, and protect against DDoS attacks. BIG-IP ASM is an effective solution for even a novice user with step by step hints.We do not have familiaritywith ASM and would need to BIG-IP ASM is equipped with a set of pre-built application security policies that providedevelop needed skills setsout-of-the-box protection for common apps requiring zero configuration time.Why should I choose F5hybrid WAF products overother solutions? How do I successfullycompete as a challenger inGartner WAF MagicQuadrant? F5 Networks, Inc. F5 hybrid WAF products deliver most comprehensive set of capabilities with highest levelsof security effectiveness compared to other vendors such as Imperva.Better price per performance than most solutions including SecureSphere and providesunsurpassed DAST support and protection against automated Bots.BIG-IP ASM is a leading contender in WAF market and has a clear advantage with onpremises deployment and completeness of solution are the key drivers. To compete successfully, lead with advanced DDoS protections, best bot defense,securing against vulnerability exploits and protect against OWASP top 10.50

Selling Silverline WAFStep 4: Handle Silverline WAF ObjectionsObjectionResponse No other cloud competitor uses purpose-built WAF appliance such as BIG-IP ASM, thusOther cloud companies have20 POPs, you only haveno one has a greater footprint with the capabilities of Silverline Web Application Firewall.four. How much additionallatency should I expect with your The more POPs that are introduced into a network, the longer it takes to propagateservice?policies. This is critical when it comes to new attack vectors and zero day threats.Other companies have bundlesin performance/ CDNfunctionality. Using the BIG-IP platform, we have many inherent performance capabilities to cache andaccelerate the application, as well as industry leading SSL acceleration.The service seems to be limited This was by design as the initial product was aimed towards customers who wanted thein user control (self-serve).security of BIG-IP ASM, while reducing the complexity to manage it. Silverline was the first to build a service that integrated with the complexity of a purposebuilt WAF product (BIG-ASM). More portal updates coming soon.I don’t want to provide my SSLkeys in the cloud. Some customers are designing a SSL DMZ where they have separate certs/keys betweenus and the client, and again between us and the origin.

How Customers Buy F5Services: Optimized for Customer InitiativesEnd-to-end Global Services and Support OptionsTraditional ADCArchitectDesign for best practicesImplementQuick and optimalSecuritySolution Definition WorkshopDeployment & Migration ServicesTraining and CertificationMaintainBacked by F5 SupportMaintenance AgreementsPremium Plus SupportOptimizeMaximize performance, health,securityCustomization & ScriptingiHealth Diagnostics & Self-help ToolsCloud

How Customers Buy F5Services: Select a Variety of Service and Support OptionsDrive Greater ROI with Customers Throughout the Solution LifecycleOptimizeArchitectMaximize performance, health,securityDesign for best-practices deployments Solution definition workshops Design and assessments Proactive assessments & integrationiHealth/AskF5 /DevCentralCertificationMaintainImplementEnsure continued availability Upgrades and expert services World-class support Premium Plus and enhancedservicesDeploy quickly and optimally Installations and migrations Web and onsite trainingSell AppSecurityPro. Services:1. BIG-IP ASM deploymentservice including policycreation2. VA/DAST mitigationservice for virtual one-clickpatching

How Customers Buy F5Services: Select a Variety of Service and Support OptionsDrive Greater ROI with Customers Throughout the Solution LifecycleOptimizeArchitectMaximize performance, health,securityDesign for best-practices deployments Solution definition workshops Design and assessments Proactive assessments & integrationiHealth/AskF5 /DevCentralCertificationMaintainImplementEnsure continued availability Upgrades and expert services World-class support Premium Plus and enhancedservicesDeploy quickly and optimally Installations and migrations Web and onsite trainingSell AppSecurityPro. Services:1. BIG-IP ASM deploymentservice including policycreation2. VA/DAST mitigationservice for virtual one-clickpatching

Services—Driving Customer Satisfaction & Your Bottom LineArchitect Detailed architecturalplanning delivered by F5and partnerProvides our sharedcustomers a detailedview of F5 solutions to astrategic business needF5-CST-PKG-SDW: 15,000 2016 F5 NetworksImplementBIG-IP Application SecurityManager (on premises) BIG-IP ASM deploymentservice including policycreation VA/DAST mitigationservice for virtual oneclick patchingMaintainF5 maintenance packages Standard @ 12% Premium @ dpremium-ds.pdf BIG-IP LTM upgradeassessment serviceBIG-IP ASM upgradeassessment serviceOptimize iHealth, AskF5,Training, OperationsGuides Leverage F5’s selfsolve capabilities tosupport and optimizeour customers solutions https://f5.com/support/self-solve From herepartners (& customers)have access to all theself-solve content andinformation54

How Customers Buy F5Sizing: Build Out the Right Requirements for QuotesSales is often asked how to size BIG-IP ASM for an opportunity.The short answer is: You need to work with your Regional Security SME (Channel SE).Key things to discuss with the customer that will help your SME: Transactions per second TPS? HTTP RPS average request size? Do they have a team that is focused on application securityand patching application holes? Do they want to set and forget to solve a compliance checkbox?If you have an opportunity with a customer, please fill out answers to above questions to expedite the saleslifecycle.BIG-IP ASM SKU ExamplesSKUF5-BIG-ASM-4200VDescriptionBIG-IP ASM VE and Cloud ExamplesSKUApplication Security Manager st

Step 2: Highlight F5 Hybrid WAF Third-Party Validation Selling Hybrid WAF Overall security effectiveness 99.89% Minimal false positives. 124% #1 MOST DEPLOYED WAF WORLDWIDE *451 Research reports that leadership in WAF has transitioned form Imperva to F5. **Source: NSS Labs Web Application Firewall Product Analysis: F5 BIG-IP ASM 10200 v11.4.0;