Tag Archives: security

Application programming interface, Business Processes, DocuSign, Electronic Signature, Partnerships

DocuSign Speeds Integration with New eSignature REST API

Image representing DocuSign as depicted in Cru...

DocuSign today launched a new eSignature REST API for its industry leading DocuSign Global Network. This innovative, visually driven API makes connecting with DocuSign’s eSignature Transaction Management platform faster and easier for customers and partners. Organizations leveraging the API can offer DocuSign eSignature convenience from existing or new business processes in just hours of development time instead of weeks – accelerating speed to results, reducing costs, and delighting customers.

“More developers are using DocuSign’s open eSignature integration framework to integrate into their existing business solutions and apps than any other eSignature solution,” said Grant Peterson, chief technology officer, DocuSign. “The release of our new eSignature REST API standard and toolkit dramatically shortens the time it takes to integrate and deploy DocuSign – no matter what systems or devices customers use to run their business.”

“The eSignature REST API is visually stunning and ready for enterprise use,” said Dave Messinger, community architect, Appirio. “We were encouraged with how quickly we were able to integrate DocuSign into our CloudSpokes architecture – taking us days to prototype solutions instead of weeks or months. It just works. We’re excited and encourage CloudSpoke’s developers to take a look.”

DocuSign’s new eSignature REST API standard is built to be open and extensible, and was developed in collaboration with a number of the world’s leading cloud-based companies, including Appirio, Box, Mashery, salesforce.com, and others. This new industry standard will continue to be enhanced based on developer, partner, and customer feedback.

“DocuSign’s new eSignature REST API will enable salesforce.com customers – as well as developers in our partner ecosystem – to quickly and easily integrate with DocuSign,” said Mike Rosenbaum, senior vice president, AppExchange & Force.com Operations, salesforce.com. “Enterprises are accelerating their move to the cloud with architectures built around open APIs, instead of dealing with servers and software.”

As an integral component of the DocuSign Cloud Partner Program, the DocuSign Developer Program provides resources to facilitate integrations of all kinds, including technical evangelists, a complete API, online community, and a developer program described by ProgrammableWeb as “the strongest of all the [electronic signature] providers researched.”

DocuSign’s new eSignature REST API Toolkit includes:

  • Step-by-Step
    API Walkthroughs     – A detailed, step-by-step
    visualization of the API call flows, function code examples, and
    detailed explanations of every step.
  • API
    Explorer     – Developer onboarding tool powered by Mashery
    I/O Docs that provides the specific methods and code needed to execute
    tasks and workflow.
  • Online Documentation – Robust documentation of the REST API and
    how it can be used to accelerate development.
  • Community Forums – Fully monitored and supported community site
    to get questions answered quickly. In addition, DocuSign will
    establish set ‘Office Hours’ during June and July to further support
    developers.

“Offering developers an API Explorer to get started quickly is a key element of DocuSign’s full-dimensional API program,” said Neil Mansilla, director of platform evangelism & partnerships, Mashery. “DocuSign did an extensive integration using Mashery I/O Docs. DocuSign’s impressive code contributions back to the project will benefit developers and the open source community.”

“We already have more than 5,000 active developer accounts using our existing APIs today,” said Roger Erickson, vice president for customer success, DocuSign. “The speed-to-value equation of our new standard is truly amazing, and we view our eSignature REST API as a ‘crossing the chasm’ moment for embedding DocuSign eSignature and workflow management into any business process or system.”

Customers and partners are already using DocuSign’s eSignature REST API to help accelerate transaction cycle times to increase speed to results, reduce costs, and enhance customer satisfaction with the easiest, fastest, most secure way to send, sign, track, and store documents in the cloud. “DocuSign has really made a step forward in helping developers with the new eSignature REST API,” said Martin Davey, executive vice president of Industry Solutions, Thunderhead.com. “The API walkthrough area provides a quick and simple introduction to using the services and the REST API allows us to send out documents for signature, get real-time status updates, and embed DocuSign within our apps.”

Companies and developers interested in learning more about the new eSignature REST API standard and toolkit, upcoming webcasts, and other API resources should visit the DocuSign Developer Center at www.docusign.com/developer-center.


Coalfire, Federal Information Security Management Act of 2002, Government, HITRUST

Coalfire Accredited as FedRAMP Third Party Assessment Organization

Coalfire Systems, Inc. announced today that it has achieved accreditation as a FedRAMP (Federal Risk and Authorization Management Program) Third Party Assessment Organization (3PAO).

The FedRAMP program supports the U.S. government’s objective to enable U.S. federal agencies to use managed service providers that enable cloud computing capabilities, and Coalfire is one of the first ten accredited 3PAO firms. With this certification, Coalfire is the only assessment firm authorized to conduct cloud assessments for the federal government (3PAO), healthcare industry (HITRUST certified) and the payment card industry (Qualified Security Assessor).

FedRAMP provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. As a part of the FedRAMP process, cloud service providers (CSPs) must use a FedRAMP approved third party assessor to independently validate and verify that they meet the FedRAMP requirements.

“Moving to the cloud raises numerous security concerns for any business,” said Tom McAndrew, executive vice president, professional services at Coalfire. “For government agencies, these concerns can be even more sensitive since national security can be at risk. This accreditation further validates Coalfire’s expertise in cloud security and risk assessment and we look forward to working with CSPs on their FedRAMP initiative towards receiving an authority to operate (ATO).”

Receiving the accreditation of 3PAO means Coalfire will be able to validate the security and control implementations that CSPs must provide in order to work with and provide cloud services to federal agencies. 3PAOs are critical to the FedRAMP program, as they demonstrate the independence and competency of CSPs that host the government’s most crucial data.

In addition to demonstrating the requisite technical competency in FISMA and independence and quality management to achieve 3PAO accreditation, Coalfire has diverse leadership experience in additional vital compliance fields – in cloud and virtualization environments – such as PCI, HIPAA/HITECH and GLBA; backed with expert staff that includes former CIOs, CTOs and auditors. Coalfire staff are heavily experienced in those respective industry regulations and are located across the U.S. Coalfire has offices in seven major markets in the U.S. including the Washington, D.C. area.

FedRAMP implementation began earlier this month and will be done in phases – starting with 3PAOs assessing CSPs. Coalfire has already begun preparing agencies and cloud service providers for testing. The wave of activity is growing and includes assessments and penetration tests with interested CSPs this month. Inquiries for FedRAMP services can be made with Coalfire at 877-224-8077 or at http://coalfire.com/FedRAMP-3PAO.

For those interested in learning more about the FedRAMP certification process, Coalfire will be conducting a free webinar on July 10, 2012 at 2:00pm EDT / 11:00am PDT. Click here to register.


F5 Networks, IP address, IP Intelligence

F5 Announces New IP Intelligence Service

F5 Networks, Inc. today announced a cloud-based service that enables organizations to safeguard their infrastructures by detecting and stopping access from IP addresses associated with malicious activity. By identifying relevant IP addresses and leveraging intelligence from cloud-context security solutions, F5’s new IP Intelligence service combines valuable information on the latest threats with the unified policy enforcement capabilities of the BIG-IP® application delivery platform. The BIG-IP system’s ability to seamlessly combine subscription-based services from F5 with external services provides customers with a compelling new way to enhance overall security.

“Organizations are looking for security solutions that can dynamically synthesize information from a variety of sources to give infrastructures the maximum level of protection against sophisticated cyber attacks,” said Mark Vondemkamp, Sr. Director, Product Management, Security at F5. “At the same time, enterprises must preserve the flexibility to customize their systems and add safeguards as network and access conditions change, and as new types of threats emerge. F5’s IP Intelligence service enables customers to pool disparate threat detection capabilities, block malicious IP addresses, and tailor performance to specific needs by leveraging F5’s powerful BIG-IP Application Security Manager and iRules® technologies.”

Companies delivering today’s rich Internet content are exposed to a variety of attacks from rapidly changing IP addresses and other variables. In addition, inbound and outbound botnet traffic and malware activity can penetrate security layers and consume precious resources. Typically, organizations deploy point solutions such as IP reputation services to block malicious activity and sites, but unless these solutions are integrated with an Application Delivery Controller, they are not able to offer comprehensive, dynamic protection. Plus, enterprises can reduce their overall security spend by taking advantage of the BIG-IP solution’s ability to deliver unified services on a single platform.

Leveraging a frequently updated list of threat sources and high-risk IP addresses, F5’s new IP Intelligence service delivers contextual awareness and analysis of IP requests to identify threats from multiple sources across the Internet. The service draws on the expertise of a global threat-sensor network and IP address database to detect malicious activity, and can offer protection throughout the application delivery infrastructure with F5’s unified BIG-IP architecture.

F5’s new IP Intelligence service enables customers to:

By intelligently evaluating the reputation of Internet hosts, F5’s new service can prevent attackers from stealing data, compromising corporate resources, or otherwise disrupting business functions. F5’s new service denies access to IP addresses known to be infected with malware, in contact with malware distribution points, and with low reputations. Active IP addresses offering or distributing malware, shell code, rootkits, worms, or viruses are denied access. In addition, F5 helps organizations guard against many of today’s most prevalent web attacks, such as cross-site scripting, SQL injection, DDoS, and other threats associated with botnets. As an added benefit, this ability to detect and deny access stemming from unwanted requests results in increased infrastructure performance, since IT systems do not need to spend valuable cycles addressing requests from bad sites.

Deployed as part of the BIG-IP system, F5’s IP Intelligence service leverages data from multiple sources to effectively gather real-time IP threat information and block connections with those addresses. The service reveals both inbound and outbound communication with malicious IP addresses to enable granular threat reporting and automated blocking, helping IT teams create more effective security policies to protect their infrastructures. Even when a BIG-IP device is deployed behind a content delivery network (CDN) or other proxies, F5’s IP Intelligence service provides protection by looking at the real client IP addresses as logged within the X-Forwarded-For (XFF) header, helping IT make informed decisions about which IP addresses should be allowed.

F5’s IP Intelligence service alleviates the burden of repetitive, manual configuration tasks for network and security professionals, yielding greater overall efficiency. Global threat data is refreshed in the cloud to update the BIG-IP system as frequently as every five minutes. This provides an evolving database that minimizes the chance of exposure, protecting both the organization and its reputation. The IP Intelligence service’s automatic updates dynamically keep systems protected, and BIG-IP products can be easily configured to receive real-time updates for convenient security management across the application delivery environment. F5’s iRules capability provides a significant complement to this service, as organizations can seamlessly roll out additional commands that direct how BIG-IP systems handle certain types of traffic and specific requests.


Business Processes, Digital signature, Electronic Signature, Electronic Signatures in Global and National Commerce Act, Law

Security Concerns for Electronic Signatures and Cloud Technology

Signing documents has been a part of business contracts since before paper even existed. Having something in writing has always been what makes a transaction truly “official.” Lately, the next chapter in the written agreement is unfolding on the digital frontier. Electronic signatures are becoming the new standard for completing transactions all over the world.

As with any new technology, e-signatures raise almost as many questions as the problems they resolve. Are they legally binding? How can one know they are safe? Combine these concerns with the trend toward using cloud computing– and you have additional reasons for concern.

Let’s address some of the common issues and questions about e-signatures and cloud computing in this article.

Why Use Digital Signatures?

The reasons why digital or electronic signatures are preferred over hard copy are obvious. Contracts can easily be signed with people in other countries without waiting for mail, scanning documents or any of the other issues normally associated with getting something signed.

Digital signature systems that are properly designed also make it easy to maintain an audit trail of who signed what. This record keeping is very important in the event that legal action related to the contract must be taken. While scanning signed hard copies can provide quick response, it offers little of the audit trail that a third-party electronic system provides.

Are Electronic Signatures Legal?

Like anything that goes digital, people are always a bit worried about if it’s legal and safe. As far as legality goes, electronic signatures have been completely legal for over a decade. In 2000, the Electronic Signatures in Global and National Commerce law, or ESIGN, was passed making e-signatures legally binding and acceptable for transactions around the world. Europe and Canada followed suit and adopted similar legal laws.

Does this mean any kind of digital signature is a safe bet? Not really. Electronic signatures have been challenged in court. Important factors in making the signature legal was how secure the archiving and retrieval system was as far as the overall audit trail provided by the system. Knowing exactly who signed a document and verifying their identification was very important. Any electronic system used for collecting and archiving signatures should provide this level of authentication.

Electronic Signatures and Cloud Computing

With dedicated hosting on the decline and cloud computing becoming the new standard information technology infrastructure, some serious questions come up about how safe and secure your documents really are. How does cloud hosting of e-signing solutions present a security concern?

Many alarmists point to the shared nature of cloud hosting solutions as an automatic security risk. The fact that several computer systems share a single storage area network that may contain private data make some people nervous. The truth of the matter is though, the same level of risk exists on any system that is not properly designed and maintained.

Cloud computing systems have matured from an unreliable and unsecure prototype technology to a fully functional well-supported trustworthy infrastructure solution. Clear security protocols audit what all users do and partition data from one client away from that of another. Of course, any computer system is only as good as the technicians who maintain it. For this reason, it does pay to investigate what technology is behind the electronic hosting system that you select.

Fortunately, the industry of cloud hosting has lots of standardized security certification programs that include regular audits and a commitment to keeping systems up to date. If you make sure your e-signature solution is using such a system, you can rest easy knowing that your authentication and archive processes are safe and secure.

Electronic signature systems are definitely here to stay and have the legal and security behind them to make them a valid solution. Find out how you can streamline the legal aspects of your business by setting up one of these systems today.


Identity Governance Framework, Identity management, SailPoint AccessIQ, Single sign-on

SailPoint Announces Integrated Cloud Identity Management Solution for the Enterprise

Image representing Sailpoint Technologies as d...

Recognizing that cloud adoption is making identity management more complex and difficult for the world’s largest companies, SailPoint today announced SailPoint AccessIQ, which integrates cloud access management with rich identity governance and automated provisioning. AccessIQ provides convenient, easy-to-use services such as single sign-on (SSO) and self-service access request, while ensuring that cloud applications are managed within the same identity governance framework used for on-premises applications. Delivered as a cloud service, AccessIQ deploys quickly and allows enterprises to immediately take advantage of convenient cloud access services coupled with improved visibility and oversight over their usage.

“The consumerization of IT has changed business user expectations. They want fast, simple and convenient access to cloud services without being slowed down by IT processes and controls,” said Jackie Gilbert, VP and GM of SailPoint’s Cloud Business Unit. “And, we see a growing trend of ‘bring your own application,’ where workers self-provision cloud applications. Both scenarios make it more difficult to monitor and control when and where users are placing sensitive data in the cloud, which brings a host of security and compliance concerns. IT can’t manage compliance and risk if it doesn’t have visibility into the cloud applications used throughout the enterprise.”

Designed for empowered business users looking for a more flexible and agile way to address business challenges, AccessIQ provides an intuitive, tablet-like interface to deliver services that improve productivity and user satisfaction. AccessIQ includes an intuitive App Launchpad for one-click, single sign-on to cloud applications from any device, step-up authentication options for added security, as well as simple self-service application request capabilities, via an easy-to-use App Store. This empowers business users to safely use cloud applications for business or mixed-use purposes, with approvals and provisioning handled automatically based on organizational roles and security policies.

SailPoint AccessIQ, together with SailPoint IdentityIQTM, offers the richest set of end-to-end controls over cloud applications available today. AccessIQ’s integration with IdentityIQ provides an enterprise-grade governance platform for managing identities and applications in the cloud, with policy, role, and risk models unified with on-premises application identity management. To extend governance to applications outside the control of IT, AccessIQ provides:

  • Full visibility of user sign-on activity and account usage, enabling
    business unit procured applications and SaaS applications procured by
    individuals to be managed as part of an enterprise-wide identity
    governance strategy.
  • A flexible, risk-based approach to cloud application identities so IT
    organizations can tailor how they manage and control those
    applications without locking down the environment and getting in the
    way of the business.
  • Full audit reporting on application usage and “who has access to what”
    to demonstrate compliance and control monthly subscription expenses by
    promptly deprovisioning unused or unauthorized cloud application
    accounts.

SailPoint AccessIQ is a fully hosted, multi-tenant solution that seamlessly and securely integrates with SailPoint IdentityIQ. It will be generally available in Q3 2012 with per-user subscription-based pricing. For more information, visit: www.sailpoint.com/cloud.


Alert Logic, Covera Ventures, DFJ Mercury, Updata Partners, Venture Funding

Alert Logic gets $12.2 Million for Cloud Security

Image representing Alert Logic as depicted in ...

Alert Logic (Security-as-a-Service for the cloud) today announced that it has closed a $12.2 million round of financing led by new investors Industry Ventures and DH Capital, and joined by all existing investment firms and several members of the company’s management team including Updata Partners, Covera Ventures, DFJ Mercury, OCA Ventures and Access Venture Partners. Alert Logic will use the funding to accelerate the growth of its new Web Security Manager product line, including deployment of Web Security Manager throughout Alert Logic’s channel of hosting and cloud service provider partners, and to accelerate the growth and adoption of the company’s new elastic cloud security solutions.

“After tripling the size of our company in less than three years and building a customer base of over 1,700 customers representing nearly $30 million in annual recurring revenue, we remain focused on delivering security and compliance solutions to customers of cloud providers,” said Gray Hall, president and CEO at Alert Logic. “Adding new product lines such as Web Security Manager, and new deployment models such as our elastic cloud solutions, is exactly what our customers and partners are asking us to do. This additional capital gives us the ability to move more aggressively in each of these strategic new directions.”

“We are excited about adding Alert Logic as a portfolio company,” said Justin Burden, partner at Industry Ventures. “Having previously invested in security industry leaders such as Fortinet, Sourcefire and Tripwire, we consider cloud security to be one of the strongest investment themes in the IT industry and we believe Alert Logic will prove to be a cloud security market leader.”

“DH Capital has been the leading provider of financial advisory services to hosting and cloud service providers since the inception of the industry segment,” said Peter Hopper, co-founder and CEO of DH Capital. “Alert Logic has the strongest and most-developed channel of service provider partners in the industry, and is setting the standard for delivering SaaS managed security service solutions.”

Alert Logic’s Security-as-a-Service solutions provide customers four distinct advantages: market-leading security tools, a fully outsourced and managed SaaS delivery model, integrated 24×7 Security Operations Center (SOC) services to monitor and provide expert guidance, and the ability to deploy wherever a customer has IT infrastructure – including the cloud.


Arrowpath Venture Partners, Identity management, Venture Funding, Xceedium

Xceedium Gets $12 Million for Identity Management

Image representing ArrowPath Venture Partners ...

Xceedium, Inc., provider of Zero Trust privileged identity and access management solutions, today announced that is has closed a $12 million Series B financing extension led by existing investor ArrowPath Venture Partners. The new funds will be used to fuel continued growth and expansion of the company, with specific emphasis on Xceedium’s new cloud-based initiatives. As part of this aggressive growth strategy, the company also announced today the launch of Xsuite Cloud.

“The market for privileged identity and access management solutions is constantly growing and the push for enterprises to move to the cloud has only increased its potential,” said Morgan Rodd at ArrowPath Venture Partners. “Xceedium’s track record and strong management team were the key drivers for this extension. Xceedium has proven resources in place to capitalize on the growing demand for products that control and monitor privileged network access.”

Large enterprises and global government agencies have adopted Xsuite as a critical component of their security infrastructure to meet stringent security and compliance requirements – eliminating the risk of allowing employees and third parties unchecked privileged access to their networks. This financing round allows Xceedium to maintain that leadership position and to aggressively fuel its cloud-based initiatives with Xsuite Cloud. Xsuite Cloud is a comprehensive privileged identity and access management platform designed to provide additional protection for organizations that are taking advantage of the cost, power and scalability of Amazon Web Services (AWS) in conjunction with existing datacenter infrastructure.

“We are very pleased to be announcing this latest round of financing coincident with the unveiling of our new Xsuite Cloud offering,” said Glenn Hazard, Xceedium CEO. “We are seeing significant adoption of our privileged identity and access management solutions within both the commercial and federal sectors. As these customers adopt cloud and hybrid architectures, Xsuite Cloud along with this latest funding extension uniquely positions us to take full advantage of this growing market opportunity.”

In addition to ArrowPath Venture Partners, new investor Western Technology Investment joined existing investors in the Series B financing extension.


Education, Information technology, Scholarship

Online Tech Offers Data Security Scholarship to College Students

Online Tech is awarding two $1,000 scholarships to students interested in pursuing a career in information technology, computer sciences and healthcare information technology. The 2012 Data Security Scholarship will be available for the Fall semester of the 2012-2013 academic year.

Applicants should show an interest in cloud computing, data computing, disaster recovery, colocation and similar topics as it relates to the ever-changing fields of information technology and healthcare IT.

“Online Tech feels strongly about offering the scholarship in order to encourage tomorrow’s technology leaders to pursue higher education in their respective fields,” said April Sage, Online Tech’s Director of Healthcare Vertical and Marketing.

Scholarships awarded by Online Tech will be based on the applicant’s response to one of the following questions:

1. Healthcare: “What do you see as the best technology for improving healthcare and health IT?”

2. Mobile Security: “What do you see as the most serious mobile security threat facing consumers and/or companies and why?”

While the traditional essay submission is one option, Online Tech has also opened up the submissions to take the form of a short, 10-minute video or an infographic complete with a brief explanation.

All interested students can apply on Online Tech’s website by clicking here. Submissions should submitted no later than July 8, 2012. Winners for the award will be announced by August 10, 2012.


Total Defense

Total Defense Addresses Rampant Cybercrime by Launching Cloud Security Protection for Businesses

Total Defense, Inc. today announced the launch of Total Defense Cloud Security, an integrated cloud-based SaaS (Security as a Service) solution for Web and email protection. This new offering provides organizations with a powerful and versatile Web and email security platform that protects users anytime and anywhere.

The widespread use of the Web as a business tool, coupled with an increasingly mobile workforce, has enhanced corporate productivity, but it has also created new security challenges for companies that must balance providing access with protecting critical corporate assets and data. “The days of the typical business user accessing the Internet solely from the safety of a protected corporate network are over. Today’s workers are connecting from an array of different devices through a multitude of private and public networks, Wi-Fi hotspots, home networks and the like. Traditional appliance-based Web and Email security solutions are unable to address the evolving security needs of modern businesses,” said Paul Lipman, CEO of Total Defense.

“As social media becomes more prevalent, attack vectors are multiplying, forcing IT administrators to require a multi-layered security approach. Our new Cloud Security service complements our existing endpoint products by securing Web and email traffic, while protecting users and data, even when endpoints are outside of the corporate network. Total Defense Cloud Security delivers a comprehensive extra layer of protection for in-house, remote and mobile workers, while improving workplace productivity and reducing cost. Companies can now rest assured that their most valuable assets are safeguarded with multiple layers of protection,” added Lipman.

Total Defense Cloud Security provides users with a secure Internet connection, safe from threats and malware, while ensuring that Web browsing is appropriate and complies with acceptable use policies. Unlike competitors’ security SaaS offerings, the Total Defense service provides a fully unified solution for Web and email protection within a single management and reporting interface, delivering easy and flexible security for all of an organization’s users– wherever they are and on any device. No software installation or administration is required and there are no upfront implementation costs.

“Total Defense Cloud Security is an intuitive, integrated web & e-mail security product that is exceptionally easy to manage. It is extremely simple to provision and customers can be up and running in just a few minutes without ever worrying about server hardware and maintenance,” said Maurice Thompson, Network Administrator for RTL Networks.

Total Defense Cloud Security benefits include:

  • Security for Mobile and Remote Users – protection and policies
    that can be applied to users anywhere whether in the corporate
    environment, on the road or at home
  • Anti-Virus & Blended threat protection – detects and blocks
    virus attachments and malware including malicious URL links to ensure
    protection against the full range of threats that infect corporate
    networks via email
  • Anti-spam & phishing protection – employs latest range of
    anti-spam technologies including IP reputation and real-time content
    analysis to detect and block spam in the cloud before the email
    gateway even receives it
  • Application Control – enables control over social media,
    streaming media and Web-based messaging (E.g. Facebook, Skype, Google
    Talk, YouTube etc.)
  • Bandwidth Control – enables management of Internet bandwidth
    consumption and control over unnecessary, non-business use through
    flexible, policy-based controls
  • URL Filtering – utilizes latest range of Web filtering
    technologies including real-time content analysis and behavioral
    modeling in conjunction with more than 50 continuously updated
    categories of millions of websites
  • Highly redundant Global network – 27 geographic data center
    locations ensures global coverage and near zero latency
  • Comprehensive and Multi-layered Security – Cloud Security
    bundled with Total Defense r12 endpoint suite offers robust tools for
    businesses to secure their assets and data

Total Defense provides a free 15-day trial of Total Defense Cloud Web and Email Security that includes full reporting services to help businesses understand all of the service’s capabilities. To learn more, please visit: www.totaldefense.com/business


Load Balancing

Introducing the F5 Technical Certification Program

#F5TCP #interop You are now. Introducing the F5 Technical Certification Program.

f5friday

Can you explain the role of the Cache-Control HTTP header? How about the operational flow of data during an SMTP authentication exchange? Are you well-versed in the anatomy of an SSL handshake and the implications of encrypting data as it flows across the network?

Can you explain the features and functionalities of protocols and technologies specific to the Transport layer?

If so, then you won’t need to study nearly as much as many of your compatriots when you take the test to become an F5 Certified™ professional.

Introducing the F5 Technical Certification Program (F5-TCP)

F5_CertLogo_041012mdF5 Certified™ individuals represent a new breed of technologist – capable of manipulating the entire application stack from the traditional networking knowledge all the way to advanced application-layer understanding with a unique capability to integrate the two. Never before has any company created a program designed to bridge these worlds; a capability critical to the increasingly mobile and cloud-based solutions being implemented around the world today.

The need has always existed, but with the increasing focus on the abstraction of infrastructure through cloud computing and virtualization the need is greater today than ever for basic application delivery skills. Consider that at the heart of the elasticity promised by cloud computing is load balancing, and yet there is no general course or certification program through which a basic understanding of the technology can be achieved. There are no university courses in application delivery, no well-defined missing certlearning paths for new hires, no standard skills assessments. Vendors traditionally provide training but it is focused on product, not technology or general knowledge, leaving employees with highly specific skills that are not necessarily transferrable. This makes the transition to cloud more difficult as organizations struggle with integrating disparate application delivery technologies to ensure an operationally consistent environment without compromising on security or performance.

The F5-TCP focuses on both basic application delivery knowledge as well as a learning path through its application delivery products.

Starting with a core foundation in application delivery fundamentals, F5 Certified™ individuals will be able to focus on specific application delivery tracks through a well-defined learning path that leads to application delivery mastery.

Fundamentals being what they are – fundamental – the first step is to build a strong foundation in the technologies required to deploy and manage application delivery regardless of vendor or environment. Understanding core concepts such as the entire OSI model – including the impact of transport and application layer protocols and technologies on the network – is an invaluable skill today given the increasing focus on these layers over others when moving to highly virtualized and cloud computing environments.

As technologies continue to put pressure on IT to integrate more devices, more applications, and more environments, the application delivery tier becomes more critical to the ability of organizations not just to successfully integrate the technology, but to manage it, secure it, and deliver it in an operationally efficient way. Doing that requires skills; skills that IT organizations often lack. With no strong foundation in how to leverage such technology, it makes sense that organizations are simply not seeing the benefits of application delivery they could if they were able to fully take advantage of it.

testing tracks

quote-badgeApplication delivery solutions are often underutilized and not well-understood in many IT organizations. According to research by Gartner, up to three-quarters of IT organizations that have deployed advanced application delivery controllers (ADCs) use them only for basic load balancing. When faced with performance or availability challenges, these organizations often overlook the already-deployed ADC, because it was purchased to solve basic server load balancing and is typically controlled by the network operations team.

Gartner: Three Phases to Improve Application Delivery Teams 

F5 is excited to embark on this effort and provide not just a “BIG-IP” certification, but the fundamental skills and knowledge necessary for organizations to incorporate application delivery as a first class citizen in its data center architecture and fully realize the benefits of application delivery.

F5 Certification Resources

Connect with Lori: Connect with F5:
o_linkedin[1] google  o_rss[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1] google

Related blogs & articles:

read more