Secure your apps, secure your data.

The threats against apps and data are unrelenting and evolving every day. BIG-IP Application Security Manager (ASM) is a powerful WAF that enables you to defeat sophisticated and complex threats while also improving app performance by offloading SSL.

F5 Positioned as a Leader in The Forrester Wave:
Web Application Firewalls, Q2 2018

Get the report >

Protect your business against diverse and dynamic threats.

ASM defends against a range of complex attacks

BIG-IP ASM stops these threats via a combination of layer 7 DDoS defenses, advanced detection and mitigation techniques, deep threat analysis, dynamic learning, virtual patching, and granular attack visibility.

And, BIG-IP ASM provides visibility into HTTP and WebSocket traffic to protect against attacks that blend in with normal web traffic, streaming data feeds, and chat sessions.


Effective security out-of-the-box

Simplifies policy creation, so you can rapidly deploy a WAF for immediate security.

Proactive bot defense

Identifies malicious bots that bypass standard detection methods and mitigates threats before they begin.

Virtual Patching

Virtual patching through signature detection of vulnerability exploit attempts. Integration with third-party dynamic application security testing (DAST) tools for automated virtual patching.

Layer 7 attack protections

Detects and mitigates attacks including DoS/DDoS, brute force, SQL injection, cross-site scripting, remote file inclusion, cookie poisoning, and session hijacking.

User/violation correlation

Associates usernames with application violations and provides in-depth blocking, as well as improved attack understanding and forensics.

Scale and performance even under attack

Ensures app availability and performance even when under attack.

Device identification

Tracks the unique device ID for every visitor across multiple IPs, sessions, and through evasive actions for increased precision in blocking bad actors.

Violation aggregation and incident grouping

Automatically correlates multiple attacks into a single incident for better visibility and easier management.

Data protection and cloaking

Prevents loss of sensitive data (credit card information, Social Security numbers) by stripping out the data and masking the information.

Flexibility via programmability

Advanced programmability for rapid and dynamic response to zero-day vulnerabilities and evolving threats. Build flexible defenses specific to your apps and workflows with defined and programmable request, response, and event handling.

Client-side integrity defense

Identifies and limits or blocks suspicious clients and headless browsers; mitigates client side malware.

Compliance and beyond

Meet compliance requirements for regulatory standards like FFIEC, HIPAA, and PCI-DSS today and in the future via pre-configured security profiles. Also get the tools you need to respond to evolving application threats and attack vectors.

For a complete overview of BIG-IP ASM, read the datasheet.

Introducing F5 Advanced WAF

Emergent threats dominate today’s risk landscape. Advanced WAF can identify and
block attacks that other WAF solutions miss.

See what Advanced WAF can do >

Deploy however you want.


BIG-IP ASM runs on a high-performance hardware WAF to protect your applications.

Learn more >

SOFTWARE (Virtual Editions)

BIG-IP ASM is a full-featured WAF you can deploy on any leading hypervisor in your data center or your private cloud.

Learn more >


The Silverline Web Application Firewall is a cloud-based WAF that can be self-managed or fully managed by certified experts in the F5 SOC.

Learn more >


The Application Security Manager (ASM), is a full-featured WAF available in select public cloud providers, including Amazon Web Services (AWS), Microsoft Azure, or Google Cloud.

Learn more >

Better together.

F5’s products, technologies, and solutions work together to make sure your applications are always protected and work the way they should. Extend the effectiveness of BIG-IP ASM by combining it with the following products.

BIG-IP Advanced Firewall Manager (AFM)

When BIG-IP ASM is combined with BIG-IP AFM, threats can be mitigated upstream at the ISP level before they reach the data center.

3Asset 3

Learn More

Customer StoriesMore customer stories >

Premier customer evidence

"The risk of a breach is so high that we wanted to go with the best of the best and find a partner who could help us take care of this major concern."

Sohail Mohammed, CIO

Learn more >


Netprice customer evidence

"Cyberattacks from outside far exceeded anything we’d imagined. Several thousand attacks a day was routine."

Keisuke Takahashi, Manager of Technology Headquarters

Learn more >


Qualica customer evidence

"Ensuring safety is the responsibility of the service provider, but we also needed a way to reduce developers’ workloads to increase delivery speeds."

Tomoyasu Tsuboguchi, Deputy Head of IT Platform Service Center

Learn more >


Golf Digest Online customer evidence

"Deploying BIG-IP ASM on AWS to screen all incoming traffic gave us the same high level of security on AWS that we had with an on-premises system."

Kazuhiro Tamazaki, Infrastructure Management Office

Learn more >