F5 : Supply-Chain Hacks and Hardware’s Role in Security

10/08/2018

The Challenge of Securing What You Don't Control

At this point, I'll mention that F5 does not maintain a manufacturing relationship with Super Micro or any other server motherboard OEM. (For more details, please reference the AskF5 knowledge base article related to the recent industry news.) This moment does provide a good opportunity, though, to reinforce the significance of companies that can employ a rigid set of processes to protect against tampering with their hardware, firmware, and software at any point during development, manufacturing, and assembly. After all, if you have to rely on hardware somewhere along the line, doesn't it make more sense to rely on a vendor with hardware expertise?

While you'll undoubtedly find vendors that are all too willing to make the hardware elements of security 'someone else's problem,' this approach is often incomplete. If you need assurances around the hardware that is supporting your infrastructure, you want a vendor that isn't going to play Hot Potato with the responsibility of ultimately protecting your assets. So, for the remainder of this article, we'll explain what F5 does to mitigate this risk for its customers, and then identify some questions you can ask of vendors to make sure they are responsibly limiting your exposure. But here's the tl;dr version: If you don't know how or where your infrastructure hardware is designed, manufactured, tested and assembled, you might have reason to be concerned. With F5, on the other hand, the process never leaves our oversight.

What F5 Brings to the Table: The Complicated Bit

F5 is headquartered in Seattle, and our hardware design and development takes place at a company facility east of Seattle in Spokane. This team oversees every aspect of F5 hardware development. Born out of a desire to develop hardware specifically to power our ADC platform, BIG-IP, this arrangement allows us to bring fanatical attention (in a good way!) to the security of our hardware.

It helps to pause here for a (very) quick overview of how hardware is designed and developed. The preliminary design is done in CAD software, from which a vector image of the board is generated. This is called a Gerber file, based on the de facto industry standard format for these images. From that file, a printed circuit board (PCB) is fabricated. The PCB is just the base board: the circuit traces and pinouts. The next step is to fabricate a printed circuit assembly (PCA), which adds the actual components (CPUs, memory, ICs, transistors, etc.) to the PCB.

Disclaimer

F5 Networks Inc. published this content on 08 October 2018 and is solely responsible for the information contained herein. Distributed by Public, unedited and unaltered, on 08 October 2018 17:37:06 UTC
