Introducing the Application Delivery Top 10
There are a lot of 'top 10' lists in the industry. Predictions, mostly, but the ones that stick are the ones that provide insight into the top challenges faced by organisations trying to deliver and secure applications and APIs.
Well, to be fair, most of the best-known top 10 lists are about security.
The Open Worldwide Application Security Project (OWASP) has built and maintained several lists that help organizations every day keep their applications, APIs, and now LLMs, secure from the incredibly robust array of attacks that threaten to disrupt business.
But no one to date has a top 10 list of challenges that threaten the delivery of applications, APIs, and, yes, generative AI.
Until now.
Application delivery may have started with the simple—but powerful—load balancing proxy, but it has evolved along with applications to incorporate a wide array of capabilities designed to ensure availability, enhance performance, and secure the increasingly important digital assets that power today's Internet economy.
F5 has been there through every major application shift since the early days of the Internet. We've seen it all through the eyes of our customers. From that experience we've come to understand the most common challenges organisations face—and how to solve them.
Based on that, we decided it was time to share that knowledge. And, thus, was born the Application Delivery Top 10.
The Application Delivery Top 10 is a list of the top 10 challenges organisations encounter on their journey to deliver and secure every application and API, anywhere.
It is our belief that sharing such a list will enable organisations to address—or even better, avoid struggling with—the challenges of delivering and securing a hybrid, multicloud application and API portfolio.
Like the OWASP Top 10, this list is not designed to be a 'one and done' effort or encompass every delivery challenge organisations will face.
That's why we plan to reexamine the list and, if necessary, update it on an annual basis.
Weak DNS Practices
The Domain Name System (DNS) is a critical component of the internet's infrastructure, translating domain names into IP addresses to route user requests to the appropriate servers. However, weak DNS practices can compromise application performance, availability, and scalability.
It can also significantly degrade application performance by increasing query response times and causing delays in resolving domain names. When Time-to-Live (TTL) settings – numerical values that indicate how long a data packet or record should exist on a network before it is discarded – are too low, DNS queries must be resolved more frequently. This increases the load on DNS servers and slows down application response time.
Additionally, improperly configured DNS servers or the lack of DNS security features like DNS Security Extensions (DNSSEC) can introduce delays by allowing unauthorized users to hijack or redirect traffic to slower or malicious servers.
Weak DNS practices can severely impact the performance, availability, scalability, and operational efficiency of applications. However, by implementing DNSSEC, optimising TTL settings, and securing dynamic DNS updates, organisations can mitigate these risks and create a more reliable DNS infrastructure.
Lack of Fault Tolerance and Resilience
The lack of fault tolerance and resilience in application delivery strategies can lead to significant performance issues, reduced availability, and scalability limitations. By implementing load balancing, failover mechanisms, and programmable infrastructure, organisations can create a more resilient system that supports continuous availability and optimal performance, even under challenging conditions. Emphasizing fault tolerance enhances user experience, reduces operational overhead and supports efficient scalability, ensuring that applications can meet the demands of today's fast-paced digital environment.
Incomplete Observability
Observability is a critical aspect of modern application delivery, providing visibility into the health, performance, and usage of applications and infrastructure.
Poor visibility becomes particularly problematic in complex environments, such as AI-driven applications, where real-time insights are essential.
Ultimately, incomplete observability in application delivery can lead to performance degradation, reduced availability, limited scalability, and operational inefficiencies. By implementing comprehensive monitoring and logging, adopting standardised observability with OpenTelemetry, and utilizing dynamic alerting with automated responses, organisations can overcome these challenges.
Insufficient Traffic Controls
Effective traffic management is essential for delivering a seamless user experience, particularly as applications scale to support larger audiences and more dynamic workloads. However, insufficient traffic controls can lead to issues like overloading backend services, susceptibility to Distributed Denial of Service (DDoS) attacks, and inefficient resource usage.
By implementing rate limiting, throttling, and caching mechanisms, organisations can manage traffic more effectively, prevent service disruptions, and support scalable growth.
Emphasising robust traffic management practices is essential for delivering high-performance, resilient applications that can adapt to changing user demands and provide a consistent experience across diverse environments.
Unoptimised Traffic Steering
Unoptimised traffic steering—caused by static routing policies, lack of dynamic decision-making, or insufficient load-balancing algorithms—can lead to performance bottlenecks, inconsistent availability, and limited scalability.
In AI-driven applications, where processing needs can vary based on data types and user demand, efficient traffic steering is essential for maintaining responsiveness.
By adopting best practices such as dynamic routing, intelligent load balancing, and programmable ADCs, organisations can optimize traffic flows, improve resource utilisation, and ensure that applications meet variable demand.
Inability to Handle Latency
Latency is a key factor affecting application delivery, particularly in data-intensive environments like AI applications. The inability to handle latency effectively can lead to performance issues, reduced availability, and limited scalability, especially as applications grow and user demands fluctuate. Latency bottlenecks result from various issues, such as suboptimal data routing, inefficient processing, and inadequate resource allocation.
By implementing optimized data routing, edge computing, and adaptive resource allocation, organisations can mitigate latency challenges and support a high-performance, resilient infrastructure.
Incompatible Delivery Policies
In hybrid multicloud environments, incompatible delivery policies can pose significant challenges to application performance, availability, scalability. It can also lead to soaring operational overheads. Incompatibilities of this nature often arise when organisations use multiple cloud providers, each with unique traffic routing, security, and data handling protocols.
According to LoadView, a leading cloud-based load testing platform, applications with inconsistent delivery policies across multiple regions experience 50% more latency in cross-border data transfers than those with region-specific optimisations.
By standardising metrics, aligning service capabilities, and leveraging programmable infrastructure, organisations can overcome these challenges.
Emphasising consistency and flexibility in delivery policies ensures that applications can maintain high performance, availability, and scalability across a hybrid multicloud infrastructure.
Lack of Security and Regulatory Compliance
As governments worldwide enforce stricter laws on data sovereignty, security, and privacy, regulatory compliance has become essential. Organisations failing to meet these regulations exposes applications to security vulnerabilities and introduces performance bottlenecks and scalability constraints. These challenges are particularly prevalent in AI-driven applications.
By implementing strong encryption, utilizing Federal Information Processing Standards (FIPS)-compliant devices, and adopting automated compliance tools, organisations can address these risks and support secure, scalable, resilient and compliant application delivery.
Bespoke Application Requirements
As digital applications become increasingly specialised, organisations are often faced with unique requirements that standard infrastructure cannot support.
Programmability within the application delivery infrastructure offers a powerful solution to such challenges, enabling organisations to tailor their infrastructure to support complex, customised requirements.
Bespoke application requirements often challenge traditional application delivery solutions, as they require customisation that standard infrastructure cannot provide. By leveraging programmability within the application delivery infrastructure, organisations can adapt to these unique demands, ensuring high performance, availability, and scalability.
Furthermore, programmable infrastructure enables seamless transitions, integrates new services efficiently, and supports custom load balancing, allowing organisations to deliver reliable and responsive services that meet the specific needs of their users.
Poor Resource Utilisation
Many organisations struggle with resource inefficiencies due to mismatched distribution algorithms or inadequate health check mechanisms.
These inefficiencies can lead to wasted compute power, increased operational overhead, and strained infrastructure, ultimately impacting performance, availability, and scalability.
By leveraging programmability, intelligent health checks, and dynamic traffic steering, organisations can optimise resource usage, improve application performance, and enhance scalability.
Full details of the Application Delivery Top 10, including mitigation best practices, can be found here: https://www.f5.com/resources/articles/the-application-delivery-top-10
Image Credit: F5
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Zawya
12 hours ago
- Zawya
Saudi report shows 97.7% of businesses have internet access, 57.7% use social media
RIYADH — Nearly all establishments in Saudi Arabia (97.7%) are connected to the internet, while 57.7% of those with internet access use social media platforms, according to the 2023 'Nafath' statistics on information and communications technology usage by businesses, released by the General Authority for Statistics. The data shows that 94.1% of establishments have a dedicated business email, and 70.3% maintain a mobile phone specifically for their operations. About 75.5% operate with internal networks and fixed connections, while 91.3% have used government e-services, such as accessing information, downloading and submitting forms, or completing transactions online. Additionally, 73.1% of establishments reported completing government forms electronically, and 65.6% utilized cloud computing services for financial or accounting software applications. © Copyright 2022 The Saudi Gazette. All Rights Reserved. Provided by SyndiGate Media Inc. (
Broadcast Pro
21-07-2025
- Broadcast Pro
Elcome launches offline VoD service for ship crews
The innovative system allows offline streaming to as many as 26 devices simultaneously via a local network, eliminating the need for costly satellite data usage during content playback. Maritime technology specialist Elcome International has unveiled a new Video on Demand (VoD) service designed to deliver high-quality, culturally relevant entertainment directly to ship crews personal devices, without affecting the vessels internet bandwidth. The new Elcome VoD service facilitates the simultaneous broadcasting of a diverse range of content across up to 26 separate devices via offline streaming, with no impact on the vessels Internet speed. The service is based on flexible subscription models, with monthly, quarterly, or annual options managed by the ship operator, rather than the crew. 'Until now, most crews could only watch a single TV channel at a time in the mess hall, often in a language foreign to their own,' said Elcomes Senior Manager – Connectivity, Asneed Ameer. 'With Elcome VoD, seafarers can now unwind in their own cabin with a library of movies, TV series, podcasts, and news programmes in their preferred language with zero impact on ships satellite bandwidth or connectivity costs.' Unlike conventional streaming services that rely on costly satellite data, Elcomes VoD system installs an onboard media server that pulls content updates overnight, on a daily and monthly schedule, during low-traffic windows. The continuously refreshed library streams entirely over the ships local network, meaning satellite Internet is used only during the scheduled update window. The platform is available with two subscription options. A basic package includes 160 movies and 189 hours of TV content, while a premium package offers 200 movies and over 830 hours of TV. The premium package also includes Euronews or ABS-CBNs TV Patrol. 'Shipowners gain a cost-effective crew welfare enhancement that supports retention and morale, while crews get entertainment that respects their cultural and language preferences,' added Ameer. 'Access to daily news also helps crews feel informed, connected to home, and part of the wider world, something many seafarers feel they miss out on with a career at sea.' The content catalogue is curated for seafarers of all nationalities, with genre-rich selections and cultural bundles tailored to Indian, Filipino and multinational crews. The service is already being trialled aboard a number of vessels, including offshore support ships and merchant fleets. 'This isnt a consumer app repurposed for ships. Its a custom-designed solution built for life at sea. We are not only providing a better experience, but we are also protecting the shipboard bandwidth vital for business-critical communications.' According to Elcome, VoD pricing is competitive and comparable to the monthly costs equivalent to two consumer streaming subscriptions, but without the hidden data costs typical of online entertainment.
Channel Post MEA
21-07-2025
- Channel Post MEA
Most Enterprises Fall Short In AI Readiness: F5
F5 has unveiled its 2025 State of AI Application Strategy Report, revealing that only 2% of global organizations are highly ready to scale AI securely across operations. The report compiles insights from 650 global IT leaders and additional research with 150 AI strategists, representing organizations with at least $200 million in annual revenue. The report unveils stark truths about the state of AI readiness for enterprises today and their ability to adapt at sufficient speeds to keep pace with new innovations. The most notable findings of the report reveal that while 77% of companies demonstrate moderate AI readiness, most lack robust governance and cross-cloud security, exposing them to risks. Meanwhile, 21% of companies fall into the low-readiness category, limiting their competitive edge as AI transforms industries. F5's research reveals trends illustrating the rapid expansion of AI use by today's enterprises. All told, 70% of moderately ready organizations have generative AI in active use, and virtually everyone else is working on it. Additionally, 25% of apps, on average, use AI. Highly ready organizations typically use AI in a much higher percentage, with portfolio-wide saturation expected. Low-readiness organizations use AI in less than one-quarter of their apps, typically in siloed or experimental settings. Moderately ready organizations currently have AI present in about one-third of applications. The report provides a snapshot of the latest trends in enterprises grappling with embracing AI. Nearly two-thirds of survey respondents (65%) use two or more paid models and at least one open-source model. The average organization uses three models, and the use of multiple models correlates with deployment in more than one environment or location. The majority of models in use today are paid models such as GPT-4, but open-source alternatives are also popular. The top open-source models cited are Meta's Llama variants, Mistral AI variants, and Google's Gemma. 'As AI becomes core to business strategy, readiness requires more than experimentation—it demands security, scalability, and alignment,' said John Maddison, Chief Product and Corporate Marketing Officer at F5. 'This report highlights actionable steps for organizations to operationalize AI with confidence. AI is already transforming security operations, but without mature governance and purpose-built protections, enterprises risk amplifying threats.' Cybersecurity Challenges in AI Adoption The report highlights critical cybersecurity issues as organizations scale AI capabilities, revealing concerning trends about enterprises' ability to tackle the complexity of securing AI workloads. Key cybersecurity trends identified in the report include: Organizations see AI as a viable cybersecurity asset: 71% of all respondents already use AI to augment security. 71% of all respondents already use AI to augment security. AI-specific protections are lacking: Only 18% of moderately ready organizations have deployed an AI firewall, with 47% aiming to have done so within a year. Only 18% of moderately ready organizations have deployed an AI firewall, with 47% aiming to have done so within a year. Data governance weaknesses: Just 24% of organizations practice continuous data labeling, indicating reduced transparency and increased risks of adversarial attacks. Just 24% of organizations practice continuous data labeling, indicating reduced transparency and increased risks of adversarial attacks. Cross-cloud inconsistencies: Hybrid environments create governance gaps, leaving workflows and data exposed to vulnerabilities. Hybrid environments create governance gaps, leaving workflows and data exposed to vulnerabilities. Expanded attack surface: The use of diverse AI models exacerbates risks without proper control frameworks for open-source tools. Recommendations to Improve AI Readiness The report introduces the AI Readiness Index, a framework measuring six factors of operational maturity, including security and infrastructure alignment. F5 outlines key actions for enterprises to enhance AI scalability and security, including: Diversify AI models: Use both paid and open-source AI tools while improving governance to mitigate risks. Expand AI use across workflows: Move beyond pilots and embed AI in operations, analytics, and security for enterprise-wide transformation. Integrate AI-specific security: Deploy protections like AI firewalls and formalize data governance processes, including data labeling, to safeguard workflows. Organizations with high AI readiness can scale effectively, mitigate risks, and leverage innovation strategically. Those without maturity frameworks face operational bottlenecks, compliance challenges, and stifled growth. The AI Readiness Index serves as a roadmap for enterprises to benchmark progress and implement actionable changes for secure scalability. Download the 2025 State of AI Application Strategy Report to benchmark your readiness, identify gaps, and accelerate secure AI scaling. 'The research in the State of AI Application Strategy Report aligns with what we're observing across the Middle East, where many organisations are increasingly integrating AI into their operations, often without all the necessary levels of governance or safeguards in place,' said Mohammed Abukhater, RVP for the Middle East, Türkiye, and Africa at F5. 'While most companies demonstrate moderate AI readiness, they still need to ensure robust governance and comprehensive cross-cloud security to avoid exposure to significant risks. In line with the report's AI Readiness Index, we are committed to empowering our customers to embed AI in their operations for seamless application delivery and security.'
