Application delivery networking vendor F5 Networks is increasing the security of its BIG-IP solution with a slew of new DNS capabilities and a cloud-based IP Intelligence service that detects and prevents access from malicious IP addresses.

The new DNS services can trim network latency by incorporating DNS caching and resolving, DNSSEC validation and monitoring into its existing DNS offering. According to F5, the number of DNS queries required to render a webpage is growing exponentially -- as many as 100 DNS name resolutions may be required for one webpage, according to the company. Obviously, the increase in queries can slow down the rendering and load time, said Jonathan George, product marketing manager at F5.

“In the past companies have simply thrown more DNS servers at the problem, but that can be expensive and it can a negative affect on the network,” he said.

The DNS services work with F5’s BIG-IP Global Traffic Manager, which intelligently and automatically routes network traffic to the closest or best-performing data center based on business policy, geolocation and volume spikes, according to the company. In addition, F5’s iRules enable companies to set how specific DNS requests are handled, ensuring the most critical requests are handled first, for example.

F5’s IP Intelligence, meanwhile, is a new cloud-based subscription service that provides companies with real-time, up-to-the-minute information on malicious or nefarious IP addresses to prevent attacks on the network.

“This is context-based delivery and protection,” George said. “It’s an extra layer of IP threat protection, and because it’s a subscription-based service, it’s a simple way to deliver added intelligence to inbound and outbound traffic to lower threats.”

IP Intelligence incorporates and presents data culled from a third-party source every five minutes, enabling companies to act on threats right away.

“IP Intelligence includes eight categories companies can select and configure based on their needs. That information is then loaded onto BIG-IP, which does a very quick reference of these categories against incoming and outgoing IP addresses, and if an IP address comes up that is not approved and known to have malicious activity, it’s blocked,” he said.

The cloud-based subscription is being offered in a tiered per-device pricing structure, which runs “about $5,000-$10,000 at the low level to $50,000 for high-throughput devices,” George said. Three-year subscriptions also are available, and both the updated DNS capabilities and the IP Intelligence offering are available to F5’s channel partners to sell.

With security a major concern among companies considering the cloud, F5’s latest offerings should add some level of confidence that networks won’t be brought down as easily as some might imagine. They also should serve as an excellent conversation-starter for resellers looking to secure their customers’ networks even further.