The BIG-IP Advanced Firewall Manager (AFM) from F5 brings together security and deep application fluency. It helps deliver the most effective network-level security for enterprises and service providers.
Whether on-premises or in an SDDC environment, BIG-IP AFM tracks the state of network sessions. It also maintains application awareness and mitigates attacks based on more attack details than traditional network firewalls. BIG-IP AFM features an app-centric security model and full-proxy architecture. This protects organizations from the most aggressive volumetric distributed-denial-of-service (DDoS) attacks before they can reach data centers.
BIG-IP AFM helps ensure traffic isn’t interrupted, even under the most intense attacks. It scales to support millions of concurrent connections per second, automatically sizes threshold values, and provides more than 100 hardware-based vectors for faster attack detection. In addition, BIG-IP AFM systematically manages the unknown by identifying and controlling apps exhibiting evasive tactics. It combines with F5 Silverline DDoS Protection for hybrid protection to offload volumetric attacks in the cloud.
The BIG-IP Advanced Firewall Manager uses the flexibility of the iRules scripting language. It also uses sophisticated filtering, behavioral analysis, immediate blacklisting, and machine learning. The firewall helps users respond to threats quickly and with a full understanding of security status in real time. The BIG-IP AFM provides summaries of current attack events, customizable reports, in-depth logging of attack details, and integration with SIEM tools. It also combines with other BIG-IP solutions to enhance security capabilities.
BIG-IP AFM eliminates the need for single-point products that support application delivery, application security, client-side protections, user access, and DNS security. This results in increased efficiency and lower total cost of ownership.
App-centric policy enforcement unifies the application configuration with security parameters to exact tighter policy enforcement. L3 and L4 attack protection terminates all connections. It transparently runs checks to identify and mitigate network, DNS, and SSL attacks before they reach the data center. In addition, high volume logging controls log DoS events at high speeds; support SNMP, SIP, DNS, and IPFIX collector; and provide controls that prevent log servers from becoming overwhelmed.
BIG-IP AFM has intelligent control to guard against known bad actors at the earliest point in the traffic flow with RTBH. At the same time it accelerates black listing based on intelligent reputation feeds from third party services and other F5 security solutions. Further, centralized management enables a consistent and effective security posture across an expanding set of F5 network security devices at scale. SSH channel protection delivers fine-grained control over SSH channel in the data center. This is done through policy-based protections, regular key management, and session time-out enforcement.