F5 Distributed Cloud Services FAQ

Why F5 Distributed Cloud Services

How do F5 Distributed Cloud Services work?

F5 Distributed Cloud provides services - F5® Distributed Cloud Mesh (Mesh) to connect & secure and F5® Distributed Cloud App Stack (App Stack) to deploy & operate your apps across the edge, multi-cloud, and our global application delivery network. Using this SaaS platform, we remove the need for you to deploy and integrate many disparate networking and app services -- dramatically reducing cost and simplifying operations for NetOps and DevOps.

  • Mesh delivers networking and security services from our high-performance global network. Our SaaS platform can also deploy the same service in your cloud or edge location, giving you a globally distributed app gateway for app-to-app and internet traffic.
  • App Stack provides platform services for distributed infrastructure and apps across the edge, cloud, and our global network. App Stack automates deployment, security, and operations of multiple app clusters to deliver a logically centralized cloud for the customer.

How do I get started with F5 Distributed Cloud Services?

We highly recommend that you sign-up for a free account to build or secure any app. Since there are multiple different solutions that can be built using our services, we also request that you look at different use-cases on the website. Each of these use-cases also comes with quick-start documentation to ease your on-boarding process.



Billing & Charging

Can I use F5 Distributed Cloud Services for free?

Yes, we provide a completely free plan that provides both Mesh and App Stack services for your test/dev or production needs.


Why does F5 Distributed Cloud Services offer a free plan and how does it benefit from it?

F5 Distributed Cloud Services believe that cloud services are going to be the dial-tone of the future and everyone should have “universal cloud access”. A free plan was devised at the inception of the company to deliver universal access in a cloud-neutral manner across any provider while also providing the flexibility to “build your own distributed cloud” across multiple cloud providers or your own edge locations. All traffic generated by our free users goes towards improving our security algorithms and operational capabilities -- providing a direct benefit to all our customers.


What can I do with the free plan?

The free plan gives you the flexibility to deploy various different capabilities:

  1. Deploy containerized apps in our global application delivery network using your existing K8s deployment spec. You can deploy up-to 8 containers across our global network to deliver lightning-fast performance to a global audience -- no need to manage any K8s clusters, load balancers, or worry about the security of the app.

  2. Secure an already running app in one or two cloud locations (even across two different cloud providers). It is as simple as configuring a virtual load-balancer in our network and providing the IP addresses of the origin server(s). If you don't want your origin servers to be exposed to the public internet, you also get the flexibility to deploy up to two Mesh nodes in each of the cloud location(s) to privately and securely connect your origin servers to our global network without exposing your app to the public internet.

  3. Deploy App Stack software on a VM in your public/private cloud location(s) or on a certified hardware in your edge location. This gives you a fully managed app platform that is not only distributed in the cloud/edge but also in our network (with up to 8 containers in our global network). You can deploy and operate as many apps in your cloud or edge location.


  4. You can create many other combinations based on your imagination - for example, deploying SDWAN across two locations and creating networks and security policies across these two locations and to the public internet. These are just some of the good examples that we can think of and we are sure that you will dream of many more.


Why would I need to upgrade from the free to a paid plan?

You will need to upgrade from the free plan to the individual plan if you scale your deployment beyond the noted levels or need to manage more apps or locations. Alternatively, you might require the advanced security services, additional analytics data, or advanced support that comes with our teams or organization plan. These two higher value plans will require you to sign-up directly for one of these plans or open a support ticket to move from free/individual to one of these plans.


Why do you provide a monthly coupon?

For individual and team plans, we provide a monthly coupon that is meant to deliver value that is equivalent to the value we deliver in the free plan. We don’t want to disincentivize our users as they migrate from the free to paid plan. The coupon will offset consumption-based service charges that are billed at the end of your billing cycle.


What will be my billing date?

The date you migrate from the free to a paid plan will be your recurring billing date. If you directly signed-up for a paid plan, your sign-up date will be the recurring billing date.

For Organization plans only:

In case you signed up for an organization plan, the billing date will be the end of the month. If you signed up for the organization plan anytime in the middle of the month, the first bill will be at the end of the month, prorated based on the date you signed up. Subsequent billing dates will be at the end of each month.


When do you charge my payment method?

There are two major components of your bill, a fixed subscription fee charge and variable charges based service usage. There is one bill generated at the end of the billing cycle that includes both the fixed subscription fee charge and the variable charge. And there will be one transaction at the end of the billing cycle on your payment method.


Can I get a preview of my usage before I am billed?

Yes you view the cycle to date usage and costs incurred in the billing section of F5® Distributed Cloud Console. You can view usage details per hour in the “Usage Details” page in the billing section of Console. In addition, you can get a cycle to date summary of your bill in the “Usage Summary” page in the billing section of Console.


What happens when I upgrade or downgrade my plan?

The upgrade and downgrade is currently supported for

  • from/to free and individual plans

  • from/to teams and organization plans. For teams and organization plan, downgrade to free plan requires you to close the account and open a separate free or individual plan.


What happens when I change my plan in the middle of my subscription period?

You are free to change the plan at any time of your subscription period and will be charged pro-rata for the amount used based on the plan.


What currency is used for billing?

All transactions to your billing method on file will be billed in US Dollars. We do not offer local currency billing for non-organization plans.


What happens if my organization is tax exempt?

If you are eligible for tax exemption, you can request “Tax Exempt Status” by submitting requisite documentation such as Tax Exempt Certificate on Console under Billing Settings section. Refer to the tax exempt documentation here for more details.


How can I upgrade my account from Free Plan to Individual or Teams Plan ?

At this time, we request you to please signup for a new account under the Individual or Teams plan as required. You can keep your existing account in Free Plan or delete it at your convenience. We will be supporting the upgrading of an existing account soon.


How can I upgrade my account?

At this time, we request you to please sign up for a new account under the Plan required. You can keep your existing account or delete it at your convenience. We will be supporting the upgrade of an existing account soon.


How can I downgrade my account from Teams Plan to Free Plan?

If you wish to downgrade from Teams Plan to Free Plan, you will need to delete your account in the Teams plan and create a new account in the Free plan.

Your charges will be prorated for the time and usage for the duration of the plan. You will receive an invoice upon closure of your account under the Team plan. And you will begin a new subscription when you open an account under the Free plan.

Please read the documentation here on how to delete your tenant.

You can create a new account in a Free plan at any time, even before deleting your Teams plan account.


How can I downgrade my account from an Individual Plan to a Free Plan?

At this time, if you wish to downgrade from an Individual Plan to a Free Plan, you will need to delete your account in the Individual plan and create a new account under the Free plan.

Your charges will be prorated for the time and usage for the duration of the plan. You will receive an invoice upon closure of your account under the Individual plan. And you will begin a new subscription when you open an account under the Free plan.

Please read the documentation here on how to delete your account.

You can create a new account under the Free plan at any time, even before deleting your Individual plan account.



What personal information of mine does F5 Distributed Cloud Services store in its cloud?

F5 Distributed Cloud stores PII information within its cloud storage - name, email, user-id, billing address, phone number in its cloud. For every API call made by the customer, we encrypt and decrypt the calls and store a log for audit-ability -- this includes geo-IP location, device type, and device software used to make these API calls. In addition, the customer's credit card information is stored with PCI compliant service from Stripe, Inc.


What is your privacy policy?

Our Privacy Policy can be found here. Also, see our California Privacy Policy and Do Not Sell My Information Policy.


What are the terms of your service?

Our terms of service can be found here.


Can you provide some details on the security aspects of VoltShare?

VoltShare delivers a very simplified workflow for securely sharing and/or even storing sensitive data. The detailed FAQ for VoltShare is available here.



Compliance

What is PCI DSS compliance?

The PCI DSS (Payment Card Industry Data Security Standard) is an information security standard designed to increase controls around cardholder data to reduce payment card fraud.

PCI compliance means obeying a set of security standards for card data, and any company that processes card transactions has to be PCI compliant. Transactions with credit cards, debit cards, and prepaid cards are all included within the scope of PCI compliance.

The standard applies to any organization that stores, transmits, or accepts cardholder data over the Internet, over the phone, in an app, or in person.

Cardholder data includes:

  • Primary account number: The account number on the card, typically 16 digits long
  • Full name: The name of the cardholder
  • Expiration date: The month and year when the card expires
  • Service code: The 3-digit or 4-digit code listed on the back of the card

What is PCI-DSS?

PCI DSS stands for “Payment Card Industry Data Security Standard”. PCI DSS is a set of 12 overall information security standards, each with multiple sub-requirements, for keeping card data secure.

The standard is administered by the PCI SSC (Payment Card Industry Security Standards Council), which was founded in 2006 by American Express, Discover, JCB International, MasterCard, and Visa Inc. These five credit card companies collaborated to create PCI-DSS Version 1.0 in December 2004. As of 2019, the latest version, version 3.2.1, was released in May 2018. However, these standards will continue to be updated over time.

The PCI DSS specifies 12 requirements that are organized into 6 control objectives and contain more than 250 items to cover.

pci dss reqs
Figure: PCI DSS Requirements

Note: These are summarized versions of the actual standards. See the official PCI-DSS website for the full standard documentation


Whom does PCI DSS apply to?

The standard applies to any organization that stores, transmits, or accepts cardholder data over the Internet, over the phone, in an app, or in person, even if a company uses a third party for processing card transactions or doesn’t store card information.


How is PCI compliance achieved?

For small- to medium-sized businesses, PCI compliance works on an honor system for the most part. Large enterprises need to be assessed by an auditor to confirm their PCI compliance.

PCI DSS divides companies (or “merchants,” as the standards call them) into 4 levels based on the number of card transactions processed each year. The levels are:

  • Level 4: Fewer than 20,000 transactions per year
  • Level 3: Between 20,000 and 1 million transactions per year
  • Level 2: Between 1 and 6 million transactions per year
  • Level 1: More than 6 million transactions per year

These definitions are mostly accurate, but every credit card company defines the levels slightly differently. It’s important for merchants to check with each card provider to see which level they are.

The way a merchant can get certified as PCI compliant changes based on their level. Level 2-4 merchants have to fill out and submit a self-assessment questionnaire once a year. They also need to have an Authorized Scanning Vendor (ASV) scan their systems for vulnerabilities every quarter.

Level 1 merchants need a certified auditor, either a Qualified Security Assessor or an Internal Security Assessor, to audit their PCI compliance and submit a report. The auditing takes place either once a year or once a quarter (depending on the card company). Level 1 merchants need a quarterly vulnerability scan as well.

Finally, all merchants need to fill out and submit an Attestation of Compliance (AOC) form, which is basically a statement to the credit card company that the merchant is PCI compliant.


Is F5 Distributed Cloud PCI compliant?

F5 Distributed Cloud has been PCI Certified as Level 1. This is the highest and most stringent level, allowing us to process more than 6 million transactions annually. Level 1 assessment consists of an external and independent audit performed annually by a QSA (Qualified Security Assessor).


Which F5 Distributed Cloud Services are covered by the PCI DSS certification

F5 Distributed Cloud Services platform includes network and application layer security, as well as distributed denial of service (DDoS) protection for online enterprises. In the PCI DSS certification process, the entire F5 Distributed Cloud global infrastructure has been audited (Console, Control Plane, and all data centers) as well as our security policies and software development processes.

The PCI DSS objective is to protect cardholder data, therefore F5 Distributed Cloud's certification focused on our Mesh service. F5 Distributed Cloud does not process nor store cardholder data in any manner since Mesh acts as a reverse proxy between customers’ origin servers (merchant or payment service provider) and end consumers. F5 Distributed Cloud treats all communication from the end consumer (which could potentially include PAN (primary account number), security code, and expiration date) to the origin server as opaque data; it does not know if the data includes cardholder data or not, and does not apply any special treatment for cardholder data vs. not. F5 Distributed Cloud’s Level1 certification ensures that any action performed on customer traffic by the global infrastructure complies with PCI DSS requirements.


How does F5 Distributed Cloud help merchants attain PCI compliance?

For e-commerce merchants, payment service providers, and more generally any customer that stores, transmits, or accepts cardholder data, F5 Distributed Cloud's Level 1 certification will greatly facilitate our customers’ own PCI DSS compliance.

Furthermore, using F5 Distributed Cloud's Mesh services that includes a web application firewall (WAF), helps our customers meet their own PCI requirement 6.6.

F5 Distributed Cloud also enables merchants to use the latest versions of TLS encryption, another important part of PCI compliance.


What is the benefit of F5 Distributed Cloud's PCI compliance to our customers?

F5 Distributed Cloud Services provide distributed cloud services enabling clients to deliver applications and services quickly and securely. By complying with the arduous requirements of PCI DSS, we are providing to all our customers an independent and industry-accepted security review of our processes, policies, infrastructure, and software development methodology.

For e-commerce merchants, payment service providers, and more generally any customer that stores, transmits, or accepts cardholder data, F5 Distributed Cloud's Level 1 certification will greatly facilitate our customers’ own PCI DSS compliance.

Furthermore, using F5 Distributed Cloud's Mesh services that includes a web application firewall (WAF) will help our customers meet their own PCI requirement 6.6.

F5 Distributed Cloud also enables merchants to use the latest versions of TLS encryption, another important part of PCI compliance.