BIG‑IP Application Security Manager

BIG-IP Application Security Manager (ASM) License

“F5 has really helped us become more aggressive in tuning our devices for our security needs. Now we do a much better job of blocking bad traffic while allowing valid traffic.”

Key benefits

Ensure application availability by stopping attacks from any location
Reduce the cost of security compliance
Get out-of-the-box application security policies with minimal configuration
Improve application security and performance
Deploy flexibly for virtualized and private cloud environments
Improve protection with external intelligence

With the continued growth of web application traffic, an increasing amount of sensitive data is exposed to potential theft, security vulnerabilities, and multi-layer attacks. Protect your organization and its reputation by maintaining the confidentiality, availability, and performance of the applications that are critical to your business.

F5 BIG-IP Application Security Manager (ASM) is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments. BIG-IP ASM helps secure applications against unknown vulnerabilities, and enables compliance for key regulatory mandates. BIG-IP ASM is a key part of the F5 application delivery firewall solution, which consolidates traffic management, network firewall, application access, DDoS protection, SSL inspection, and DNS security.

Deliver comprehensive security

BIG-IP ASM blocks web application attacks to help protect against a broad spectrum of threats, including the most sophisticated application-level DDoS and SQL injection attacks. It also helps secure interactive web apps that use the latest development methodologies, such as AJAX widgets, JSON payloads, and the Google Web Toolkit. Advanced DAST integrations can scan web apps and coordinate with BIG-IP ASM to patch vulnerabilities in minutes. By integrating contextual information about incoming IP addresses and IP Intelligence service databases, BIG-IP ASM secures applications against constantly changing threats.

Achieve compliance cost-effectively

Advanced, built-in security protection and remote auditing help your organization comply with industry security standards, including PCI DSS, HIPAA, Basel II, and SOX, in a cost-effective way—without requiring multiple appliances, application changes, or rewrites. Detailed PCI reporting determines if PCI DSS compliance is being met while guiding administrators through the necessary steps to become compliant

For more information, BIG-IP License

In cases of very high volumes for apps and services or a DNS DDoS attack, BIG-IP DNS with DNS Express enabled plus in Rapid Response Mode (RRM) hyperscales up to 100 million RPS. It extends availability with unmatched performance and security absorbing and responding to queries up to 200 percent of the normal limits. See page 17 for performance metrics and details.

Get out-of-the-box protection

Equipped with a set of pre-built and certified application security policies, BIG-IP ASM gives you out-of-the box protection for common applications such as Microsoft Outlook Web Access, Oracle E-Business Financials, and Microsoft Office SharePoint. A rapid deployment policy secures any internal or custom application.

Improve application performance

Achieve both security and performance. The F5 TMOS architecture provides significant performance advantages, including SSL offload, caching, compression, TCP optimization, and more. BIG-IP ASM is part of the F5 application delivery firewall solution—a portfolio of networking and security modules designed to protect network and application infrastructure. Integration with BIG-IP Advanced Firewall Manager enables protection from DDoS and other network attacks. BIG-IP Local Traffic Manager integration ensures application infrastructure efficiency and peak network performance. And because BIG-IP ASM works on the same platform with other BIG-IP modules, you can benefit from centralized, secure access control and even greater performance improvements

Deploy flexibly

BIG-IP ASM is available across the entire family of F5 platforms, from the virtual editions (VE), which protect virtual private cloud applications, to BIG-IP appliances and VIPRION multi-line-card chassis

BIG‑IP ASM features

Security and implementation

Geolocation-based blocking
Integrated XML firewall
DataGuard™ and cloaking
OneConnect™ aggregates requests to connections
Live update for attack signatures
Web scraping protection
Data center firewall solution
Application policy templates
ICAP support for SMTP and SOAP files
BIG-IP modules layering
Session-based enforcement and reporting
Advanced vulnerability assessment integrations with limited free scans
Better threat protection with external IP Intelligence (optional feature)
Application security in the private cloud
PCI reporting
Violation correlation of incidents

Performance and configuration

SSL offload
Caching and compression
iRules and Fast Cache
TCP/IP optimization
L7 Rate Shaping
iApps for pre-configured policies
Application visibility and reporting

Comprehensive attack protection

Cross-site request forgery
Layer 7 DDoS
Cross-site scripting
SQL injection
Parameter and HPP tampering
Session hijacking
Cookie manipulation
Forceful browsing
XML bombs/DoS

BIG-IP Application Security Manager (ASM) License

BIG-IP Application Security Manager (ASM) Order Pricing

Customers can order various BIG-IP software and licenses by contacting our sales specialists at Golicense.net.