BIG-IP Advanced Firewall Manager (AFM) License

BIG-IP Advanced Firewall Manager

F5 BIG-IP Advanced Firewall Manager™ (AFM) is a high-performance, stateful, full-proxy network firewall designed to guard data centers against incoming threats that enter the  network on the most widely deployed protocols—including HTTP/S, SMTP, DNS, and FTP.

By aligning firewall policies with the applications they protect, BIG-IP AFM streamlines application deployment, security, and monitoring. BIG-IP AFM gives enterprises and service providers the scalability, flexibility, performance, and control needed to mitigate the most aggressive attacks before they reach the data center. BIG-IP AFM forms the core of the F5 application delivery firewall solution.

Key benefits

• Scales to meet network demand.

Meets demanding data center scalability needs with a solution built on top of F5’s proven  architecture, hardware systems, and  virtual editions.

• Protects with a full-proxy firewall.

Terminates incoming client connections and inspects them, mitigating threats based on  security and application parameters before forwarding them on to the server.

• Streamlines firewall deployment.

Simplifies security configuration with firewall policies oriented around applications and an efficient rules and policy user interface which speeds up app deployment.

• Customizes reporting for visibility.

Logs events at high speeds and defines per-application logging configuration, allowing flexibility in log destinations and information logged.Inspects SSL sessions.

• Fully terminates SSL

connections to identify  potentially hidden attacks—and does this at high scale with high throughput.

• Ensures application availability.

Provides protection against 38 denial-of-service  (DoS) vectors to ensure application availability, with detailed visibility into attack conditions. For certain platforms, SYN flood protection is handled in the hardware.