Bringing together security and deep application fluency, BIG-IP Advanced Firewall Manager (AFM) delivers the most effective network-level security for enterprises and service providers alike. Whether on-premises or in a software-defined data center (SDDC), BIG-IP AFM tracks the state of network sessions, maintains application awareness, and mitigates threats based on more attack details than traditional network firewalls. AFM also protects your organization from the most aggressive volumetric distributed-denial-of-service (DDoS) attacks before they can reach your data center.
BIG-AFM ensures traffic isn’t interrupted even under the most intense attacks, protecting the data center and the applications behind it. BIG-IP AFM scales to support millions of concurrent connections per second and provides more hardware-based vectors than other network firewalls.
DDoS attacks can enter the network on a variety of protocols—including known bad actors, malformed packets, slow-and-low, and flood attack types. BIG-IP AFM uses the flexibility of the iRules scripting language, sophisticated filtering, immediate blacklisting, and over a hundred built-in threat vectors to identify and mitigate DDoS attacks.
BIG-IP AFM helps you respond to threats quickly and with a full understanding of your security status. It provides summaries of current attack events, customizable reports, in-depth logging of attack details, and integration with SIEM tools.
BIG-IP AFM combines with other BIG-IP solutions to enhance security capabilities. It eliminates the need for single-point products that support application delivery, application security, client-side protections, user access, and DNS security. That means increased efficiency and lower total cost of ownership.
Unifies the application configuration with security parameters for tighter policy enforcement.
Terminates all connections and runs checks to identify and mitigate network-level threats before they reach the data center.
Logs DDoS events; supports SNMP, SIP, DNS, and IPFIX collectors; and provides controls that prevent log servers from becoming overwhelmed.
Automatically guards against known bad actors at the earliest traffic flow point.
Enables efficient deployment and management for a consistent and effective security posture across an expanding set of firewall devices.
Consolidates multiple firewalls onto a single device for more flexible and isolated allocation of resources.
AFM integrates with a range of technologies and third-party solutions to provide the most advanced data center security, deep data analysis, increased access control and efficient deployment. Key partners include:
Case Study: MageMojo
- Eric Hileman, MageMojo Co-Founder
David Holmes | 8/7/2013
Who doesn’t love a Justin Timberlake reference when talking about security technology? The guy helped bring back the Fedora, which I am pleasantly delighted to see on the heads of hipsters and kids all over the place. In this third and final blog...
John Wagnon | 7/29/2013
The BIG-IP Advanced Firewall Manager (AFM) has done it again...and again....and again. The BIG-IP AFM is a high-performance network firewall that guards your data center against extensive network threats on the most widely deployed...
John Wagnon | 7/26/2013
It's true...F5 has long been known as the worldwide leader in Application Delivery Controllers, but F5 also scores aces with layer 3-4 security devices as well. It's no surprise that network security is extremely important in...
David Holmes | 6/19/2013
“Vive la différence!” I’ve been here in Europe at our Agility Conference in Monte Carlo (the theme: GO BIG) talking with customers and partners about what makes the F5 firewall different. F5’s European Conference at Monte Carlo Bay,...