Skip to main content

Help us improve the Digital Marketplace - send your feedback

FullProxy Ltd

F5 Distributed Cloud API Security

F5 Distributed Cloud API Security is a solution designed to protect your APIs across multi-cloud and edge environments. It provides security, traffic management, and analytics capabilities, ensuring the secure and reliable delivery of your APIs to customers, partners, and internal applications.

Features

  • Automatically discover and catalog APIs across your distributed environments
  • Implement granular access control policies based on various criteria
  • Detect and mitigate threats, such as SQL injections
  • prevents abuse, DDoS, ensures fair resource allocation
  • Validate incoming and outgoing API requests and responses
  • Monitor and log API traffic in real-time across distributed environments
  • API analytics via customisable dashboards for insights and metrics
  • Comprehensive API lifecycle management from dev to retirement
  • Deploy and manage API security policies across multiple cloud providers
  • Deploy API security closer to the end-users

Benefits

  • Manage APIs across multiple cloud providers and edge locations
  • Centralised platforms to secure and manage APIs
  • Protect APIs from threats such as, DDoS attacks
  • High availability and scalability
  • Handle fluctuating traffic volumes and spikes without comprising performance
  • Meet Industry standards such as GDPR and PCI-DSS
  • Integrate seamlessly with your existing infrastructure

Pricing

£2,500 an instance

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at g-cloud@fullproxy.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

7 1 7 5 5 8 5 7 8 7 5 9 9 0 9

Contact

FullProxy Ltd Chris Templeton / Ewan Ferguson
Telephone: 0141 291 5500
Email: g-cloud@fullproxy.com

Service scope

Service constraints
Details provided within supplied documentation
System requirements
  • Requirements dependent upon environment in which products are deployed
  • See vendor website or documentation for details
  • Minimum requirements are available at F5.com

User support

Email or online ticketing support
Yes, at extra cost
Support response times
Response time SLAs are negotiable with the client
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Yes, at an extra cost
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
N/A
Web chat accessibility testing
N/A
Onsite support
Yes, at extra cost
Support levels
Access to F5 Support differs with contract purchased. Fortinet Support are available 24x7x365.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Pre-sales consultancy Online Training User documentation
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
No user data is retained as part of the service.
End-of-contract process
Renewal notice issued 90 days prior to contract end date.

Using the service

Web browser interface
Yes
Using the web interface
F5 Distributed Cloud API security does provide a web interface for administrative purposes. The web interface serves as the central management console for configuring, monitoring, and managing F5 Distributed Cloud API security services.
Web interface accessibility standard
WCAG 2.1 AAA
Web interface accessibility testing
N/a
API
Yes
What users can and can't do using the API
F5 Distributed Cloud API security provides an API (Application Programming Interface) for administrative purposes. The API allows administrators to programmatically manage and configure API security services offered by F5 Distributed Cloud.
API automation tools
  • Ansible
  • Chef
  • Terraform
  • Puppet
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
Command line interface
Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
  • Other
Using the command line interface
F5 Distributed Cloud API security does provide a Command-Line Interface (CLI) for administrative purposes. The CLI allows administrators to interact with F5 Distributed Cloud API security services from the command line, enabling them to perform various administrative tasks and configurations efficiently.

Scaling

Scaling available
Yes
Scaling type
  • Automatic
  • Manual
Independence of resources
The underlying resources (CPU and Memory) are under the control of the client and can be extended if required. The product is sold based on per instance therefore a client may have to purchase multiple instances if usage goes beyond initially anticipated levels.
Usage notifications
Yes
Usage reporting
  • API
  • Email
  • SMS

Analytics

Infrastructure or application metrics
No

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
F5

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
No

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Availability of the deployed service is the responsibility of the customer
Approach to resilience
This information can be made available upon request
Outage reporting
This information can be made available upon request

Identity and authentication

User authentication
Username or password
Access restrictions in management interfaces and support channels
Role based access control
Access restriction testing frequency
At least every 6 months
Management access authentication
Username or password
Devices users manage the service through
Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
QMS International Ltd
ISO/IEC 27001 accreditation date
30/11/2022
What the ISO/IEC 27001 doesn’t cover
N/A
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Security governance policies available upon request

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
F5 can provide documentation on their configuration and change management approach on request
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
F5 can provide documentation on their Vulnerability Management approach on request.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
F5 can provide documentation on their proactive monitoring approach on request.
Incident management type
Supplier-defined controls
Incident management approach
F5 can provide documentation on their Incident Management approach on request.

Secure development

Approach to secure software development best practice
Supplier-defined process

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
Other
Other virtualisation technology used
F5 Distributed Cloud leverages a combination of containerization, Kubernetes orchestration, and cloud-native architecture principles to deliver its networking and security services in a scalable, distributed, and efficient manner. While virtualization technologies play a role in its platform, F5 Distributed Cloud's focus is on enabling cloud-native networking and security capabilities for modern applications and distributed environments.
How shared infrastructure is kept separate
F5 Distributed Cloud supports multi-tenancy, allowing organizations to create separate, isolated environments for different users, departments, or customers within the platform. Each tenant can have its own set of resources, configurations, and access controls, ensuring data privacy, security, and segregation of duties.

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
Documentation on the EU code of conduct for Energy Efficient datacentres can be provided upon request

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

FullProxy's position on Social Values can be provided upon request

Covid-19 recovery

FullProxy's position on Social Values can be provided upon request

Tackling economic inequality

FullProxy's position on Social Values can be provided upon request

Equal opportunity

FullProxy's position on Social Values can be provided upon request

Wellbeing

FullProxy's position on Social Values can be provided upon request

Pricing

Price
£2,500 an instance
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
A free or trial version/PoC can be requested from FullProxy. More details can be provided upon request.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at g-cloud@fullproxy.com. Tell them what format you need. It will help if you say what assistive technology you use.