Data Center Firewall (BIG-IP v11: LTM)

Note there is a new version of this guide available at:

This F5 deployment guide contains information on configuring the BIG-IP Local Traffic Manager (LTM) for deployment as a data center firewall, resulting in a fast, secure and highly available deployment. For years, the F5 BIG-IP product family has been relied upon to handle high-demand application traffic and traffic management, including acting as the traffic manager in front of the firewalls. The data center firewall implementation described in this document demonstrates how to reduce reliance on a secondary firewall layer, or remove it altogether, while still providing protection to the data center.

The BIG-IP platform provides a unified view of layers 3 through 7 for both general and ICSA-required reporting and alerts, as well as integration with SIEM vendors. BIG-IP LTM offers native, high-performance firewall services to protect the entire infrastructure. BIG-IP LTM is a purpose-built, high-performance Application Delivery Controller (ADC) designed to protect data centers. In many instances, BIG-IP LTM can consolidate existing firewall services while also offering scale, performance, and persistence.

The following diagram illustrates the configuration described in the deployment guide.