DATA SHEET / F5 BIG-IP AFM
10
With BIG-IP AFM, organizations can also benefit from F5 Analytics, a module of the
BIG-IP platform, which combines DDoS reports from BIG-IP ASM and BIG-IP AFM for a single
comprehensive view of the entire threat field. F5 Analytics, previously known as the Application
Visibility and Reporting module, allows administrators to view and analyze metrics gathered
about the network and servers as well as the applications themselves. Additionally, BIG-IP AFM
uses SNMP and JSON reporting to easily communicate DDoS attack details and other key events
to higher-level monitoring and forensics systems. These systems oer greater analysis that
strengthens the organization’s overall security posture.
Automation and Centralized Policy Management
Large organizations face a growing challenge in managing a consistent and eective security
posture across an ever-expanding number of firewall devices. Too often, security administrators must
independently manage each device, reducing operational scalability and increasing overhead costs.
F5 BIG-IQ® Centralized Management enables administrators to easily manage and orchestrate
F5 devices and the services they deliver, including the security services of BIG-IP AFM. F5 BIG-IQ
Centralized Management provides consolidated, customizable, and security-specific dashboards
that provide near real-time visibility into trac from multiple BIG-IP AFM instances by source and
trac type. Leveraging these insights and proactive alerting capabilities, BIG-IQ makes it easy to
react quickly to changes and push updated and optimized configuration and policies to many BIG-IP
AFM deployments from a single, unified console. BIG-IQ also leverages simple, yet powerful REST
APIs to make integrating with third-party services quick and easy. And, with its tight integration with
the F5 Automation Toolchain, injecting automation into app services and infrastructure creation,
provisioning, and management, you can take a programmatic approach to working with BIG-IP AFM
and other F5 solutions.
BIG-IP AFM is also easily automated into production via integrations with third party integrations.
F5 has built solution templates for AWS, Azure, and Google public cloud environments and API
integration with third-party automation tools such as Ansible and Terraform.
Increased Scalability, Performance, and Reliability
BIG-IP AFM delivers the scalability and performance to tackle the most demanding firewall
requirements with outstanding speed and throughput. A single F5 platform BIG-IP AFM uses
F5 ScaleN™ with Virtual Clustered Multiprocessing™ (vCMP) enabled systems to give cloud and
communications service providers, as well as enterprises, the most cost-eective approach for
managing their large-scale firewall deployments.
With vCMP, administrators can easily consolidate multiple firewalls onto a single device and
allocate BIG-IP AFM resources in a more flexible and isolated manner than with firewalls for
dierent customers, groups, applications, and services. vCMP supports high-density firewall
isolation and guest firewall clustering for easier administration and maintenance and to ensure
consistency throughout the firewall infrastructure.
F5 BIG-IQ CENTRALIZED
MANAGEMENT PROVIDES
CONSOLIDATED,
CUSTOMIZABLE, AND
SECURITY-SPECIFIC
DASHBOARDS THAT PROVIDE
NEAR REAL-TIME VISIBILITY
INTO TRAFFIC FROM MULTIPLE
BIG-IP AFM INSTANCES BY
SOURCE AND TRAFFIC TYPE.