F5 BIG-IP Advanced Firewall Manager (AFM) - Excellent Module for Firewall Functionality
We use F5 BIG-IP Advanced Firewall Manager (AFM) to segment traffic and prevent third-parties from accessing services outside of what they …
Overview
What is F5 BIG-IP Advanced Firewall Manager (AFM)?
F5 Networks offers the F5 BIG-IP Advanced Firewall Manager, a firewall software combining a number of features including DDoS, DNS security, and other protections.
Recent Reviews
Reviewer Pros & Cons
Pricing
N/A
Unavailable
What is F5 BIG-IP Advanced Firewall Manager (AFM)?
F5 Networks offers the F5 BIG-IP Advanced Firewall Manager, a firewall software combining a number of features including DDoS, DNS security, and other protections.
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Would you like us to let the vendor know that you want pricing?
2 people also want pricing
Alternatives Pricing
N/A
Unavailable
What is Cisco Firepower 1000 Series?
The Cisco Firepower® 1000 Series for small to medium-size businesses and branch offices is a family of four threat-focused Next-Generation Firewall (NGFW) security platforms designed to deliver business resiliency through superior threat defense. The vendor provides that they offers exceptional…
What is SonicWall TZ?
SonicWall TZ is a NGFW for small to mid-sized companies. It is a Unified Threat Management solution, with additional native decryption and deep-packet inspection capabilities.
Product Details
- About
- Competitors
- Tech Details
- FAQs
What is F5 BIG-IP Advanced Firewall Manager (AFM)?
F5 BIG-IP Advanced Firewall Manager (AFM) is a full-proxy network security solution designed to protect networks and data centers against incoming threats that enter the network on the most widely deployed protocols. Built on F5’s BIG-IP hardware and software platform, BIG-IP AFM is presented as a scalable platform that delivers the flexibility, performance, and control needed to mitigate aggressive distributed denial-of-service (DDoS) and protocol attacks before they overwhelm and degrade business critical services.
F5 intrusion prevention system (IPS), natively a part of F5 BIG-IP AFM, performs Layer 5-7 inspection of all incoming traffic and protects more than 25 protocols and infrastructure applications against security incidents and exploits. BIG-IP AFM’s IPS solution reviews traffic for adherence to protocol standards, matching it against hundreds of known attack signatures. It protects DNS infrastructure against protocol attacks and exploits that can impact performance. For service providers, BIG-IP AFM IPS protects the network edge, performing traffic inspection and protocol adherence for prevalent service provider protocols such as SS7, Diameter, HTTP/2, GTP, SCTP and SIP traffic coming into the network over UDP, TCP, and SCTP.
F5 BIG-IP Advanced Firewall Manager (AFM) Features
Firewall Features
- Supported: Identification Technologies
- Supported: Visualization Tools
- Supported: Content Inspection
- Supported: Policy-based Controls
- Supported: Firewall Management Console
- Supported: Reporting and Logging
- Supported: High Availability
- Supported: Stateful Inspection
- Supported: Proxy Server
Additional Features
- Supported: High-volume logging controls - Supports, SNMP, SIP, DNS, IPFIX collectors, and protects log servers from being overwhelmed.
- Supported: S/GI firewall for service providers - Defends network infrastructure and mobile subscribers from attacks such as DDoS.
- Supported: SSH Channel Protection - Provides granular, policy-based control over SSH traffic in data centers.
F5 BIG-IP Advanced Firewall Manager (AFM) Videos
In this video F5 demonstrates how offloading DDoS detection and mitigation from BIG-IP AFM VE to an Intel SmartNIC empowers organizations to prevent large, complex attacks from overwhelming their virtualized environments.
F5 DevCentral's John Wagnon discusses solutions to apply BIG-IP Advanced Firewall Manager (AFM) policies dynamically based on geolocation of source IP address.
F5 BIG-IP Advanced Firewall Manager (AFM) Competitors
F5 BIG-IP Advanced Firewall Manager (AFM) Technical Details
| Operating Systems | Unspecified |
|---|---|
| Mobile Application | No |
Frequently Asked Questions
F5 Networks offers the F5 BIG-IP Advanced Firewall Manager, a firewall software combining a number of features including DDoS, DNS security, and other protections.
Arbor Sightline, Radware DefensePro, and NETSCOUT Arbor DDoS Protection are common alternatives for F5 BIG-IP Advanced Firewall Manager (AFM).
The most common users of F5 BIG-IP Advanced Firewall Manager (AFM) are from Enterprises (1,001+ employees).
Comparisons
Compare with
Reviews and Ratings
(8)Attribute Ratings
Reviews
(1-5 of 5)Companies can't remove reviews or game the system. Here's why
February 13, 2024
F5 BIG-IP Advanced Firewall Manager (AFM) - Excellent Module for Firewall Functionality
We use F5 BIG-IP Advanced Firewall Manager (AFM) to segment traffic and prevent third-parties from accessing services outside of what they are permitted to access, per contractual documentation and other associated forms. With AFM, we are functionally protecting ourselves, our customers, and mission critical infrastructure, allowing our work to continue as necessary for the flying public.
- Stress monitoring for load balanced traffic
- Machine learning capabilities for contractual reporting
- DDoS and other attack mitigation
- More intuitive user interface
- Better naming conventions
- Fewer navigation steps to prevent abstraction
I use AFM to do basic port-based protections for both external VIPs and internal datacenter traffic
- Port based controls
- Ease of using address objects
- Ability to use external dynamic lists
February 09, 2024
Great experience with F5 BIG-IP Advanced Firewall Manager
F5 AFM offers unparalleled protection against cyber threats by seamlessly integrating with your network infrastructure and providing comprehensive security policies. Its advanced capabilities empower administrators to effectively manage and mitigate risks, ensuring continuous availability and optimal performance for your applications and services. With F5 AFM, you can confidently safeguard your network assets while maximizing productivity and minimizing downtime, making it an essential component of any modern IT ecosystem.
- Threat Prevention and Mitigation
- Application Layer Security
- Complex Configuration
- Enhanced Threat Intelligence Integration
November 23, 2021
Value for money
We use F5 [BIG-IP Advanced Firewall Manager] as a load balancer and for SSL offloading. We have created AFM iRules to manage attacks such as DDoS and threat intelligence.
- Load balancing using pools
- SSL offloading
- iRules for threat handling
- The GUI icons are very small and Overall UI can use some refreshing
- The training on the tool is not easily available and mostly involves a high cost
- The support or third party implementation teams could use some improvement
- It offers vast options of types to configure load balancing
- The security plane of this tool is very competitive
- It is a very useful and one of the top WAFs available in the market
72.22222222222223%
7.2
- When we had to decide on whether to buy different hardware our team were all in support of renewal for F5 [BIG-IP Advanced Firewall Manager]
- F5 [BIG-IP Advanced Firewall Manager] requires proper training on tools and clear concepts of packets, headers, and content to create WAF policies
- Overall, we are satisfied by the ROI provided by our F5 AFM and GTMs
Both F5 [BIG-IP Advanced Firewall Manager] and Radware require training as they are not easy to use. But Radware uses some configuration that needs deep learning and proper labs. From an admin's perspective, Configuration and management for F5 [BIG-IP Advanced Firewall Manager are] less. Also, the cost of implementing F5 [BIG-IP Advanced Firewall Manager] is lesser than that of Radware Alteon.
January 10, 2020
F5 Advanced Firewall Manager is a robust and solid solution
The F5 Advanced Firewall Manager is being used across our entire organization allowing us to manage the toll for all employees with one team and one contact point. It also ensures all divisions have the same security which is key as we reorganize and restructure. All groups can expect the same functionality.
- Central management.
- Strong security.
- If unsure, can be overly cautious.
- There are few changes the end user can make.
90%
9.0
- Easy maintenance reduces support hours.
- Consistent experience reduces user learning curve.
SolarWinds Network Configuration Manager is a bit easier to initially set up than F5 Advanced Firewall Manager but not as robust in its ability to manage different devices with different profiles. Different machines need different access and F5 Advanced Firewall Manager is better at allowing flexibility in identifying different devices and managing what they can access.