BIG-IP Advanced Firewall Manager

Secure Your Network from Core to Edge

Behavioral analytics drives accurate detection

BIG-IP AFM, an ICSA lab certified firewall, drives accurate detection with machine learning, stress monitoring, dynamic signatures, and attack mitigation.

Machine Learning - BIG-IP AFM learns normal traffic baselines. Its behavioral monitoring functionality starts gathering data to help you understand “normal” system and network activity.
Stress Monitoring - It detects abnormal server stress and monitors the health of the protected server. When the server shows signs of stress, based on deviations from normal network activity, mitigations begin.
Dynamic Signatures - BIG-IP AFM identifies bad traffic and bad actors. Signatures are rapidly created specific to the source of the detected threat and are ready to be deployed before service is impacted.
Attack Mitigation - Dynamic signatures are applied. Server health is continuously monitored for mitigation effectiveness as part of a feedback loop. Additional signatures are created if needed until the attack has been adequately addressed.

Behavioral analytics drives accurate detection

Obtain consistent security and actionable visibility

BIG-IP AFM is a core component of F5’s application protection solutions, which combine four key security elements: firewall, DDoS mitigation, DNS security, and application Intrusion Protection Systems (IPS). These solutions can be consolidated onto a single BIG-IP platform, reducing management complexity and overhead, while offering superior performance and scalability.

Consistent Protection for Containerized Applications - Protect container-based applications regardless of platform or location with attack detection and mitigation services to mitigate attacks and risks. .
Actionable Reporting and Visibility - Easily understand your security status with rich telemetry that can be customizable into reports and charts to provide insight to all event types and enable effective forensic analysis.

Ensure network availability, security, and scaling

Protecting network resources without compromising flexibility and controlling costs is a constant battle. BIG-IP AFM, with its unmatched subscriber aggregation capacity, enables service providers to protect networks and subscribers while consolidating network infrastructure and without compromising flexibility.

Protect with Full Proxy Capabilities - Inspect all incoming subscriber connections and server-to-client responses, and mitigate threats based on security and protocol parameters before forwarding them.
Inspect SSL Sessions - Decrypt SSL traffic to identify potentially hidden attacks—at high rates and with high throughput.
Automate Security Deployment - Simplify configuration with security policies oriented around services and protocols and an efficient rules and policy GUI.

Ensure network availability, security, and scaling

Product Overview

Defending the network core to edge and protecting your services

BIG-IP AFM is a high-performance, full-proxy network security solution designed to protect networks and data centers against incoming threats that enter the network on the most widely deployed protocols. This product’s unique application-centric design enables greater effectiveness in guarding against targeted network infrastructure-level attacks. Additionally, with BIG-IP AFM, organizations receive protection from more than 100 attack signatures—more hardware-based signatures than any other leading firewall vendor—along with unsurpassed programmability, interoperability, and visibility into threat conditions.

Hardware

BIG-IP appliances and VIPRION platforms deliver quick and easy programmability, multi-vendor service orchestration, software-defined hardware, and line-rate performance.

See hardware options ›

Cloud

F5 application services work exactly the same way in the public and private cloud as they do in the data center. CNF and VNF options available.

See cloud options ›

Software

BIG-IP virtual editions have the same features as those that run on F5 purpose-built hardware—and you can deploy them on any leading hypervisor or select cloud providers.

See software options ›

Core Capabilities

Secure your data center

Unifies application configuration with network security policy for tighter enforcement

Network protection

Identifies and mitigates network, protocol, DNS threats, before they reach critical data center resources

High-volume logging controls

Supports SNMP, SIP, DNS, IPFIX collectors, and protects log servers from being overwhelmed

Block known bad actors

Protects data center resources with purpose-built defenses augmented by F5 threat data

SSH channel protection

Uniquely controls operations in the SSH channel by acting as a man-in-the-middle SSH proxy

S/Gi firewall for service providers

Defends your network infrastructure and mobile subscribers from attacks such as DDoS

Flexible defense of complex threats

Mitigates sophisticated zero-day threats or gather critical forensics using F5 iRules

Data center visibility

Understands traffic patterns into the data center with customizable reports and analytics

Resources

Featured

A computer screen covered in binary code overlaying a background of red and purple

Attention Service Providers: Defend the Network Core and Edge, and Protect Service-Based Revenue

With its unmatched subscriber aggregation capacity, BIG-IP AFM helps you protect networks and subscribers. That means you can consolidate your network infrastructure and control costs—without compromising flexibility.

Read the data sheet

2023 PeerSpot Award in Web Application Firewall

F5 has won a 2023 PeerSpot Award for BIG-IP Advanced WAF in the Web Application Firewall category. The solution was recognized for its advanced, scalable security features that thwart a variety of potential risks.

Learn more about F5’s PeerSpot awards ›