F5 BIG-IP Advanced Firewall Manager (AFM)

Score8.4 out of 10

9 Reviews and Ratings

What is F5 BIG-IP Advanced Firewall Manager (AFM)?

F5 Networks offers the F5 BIG-IP Advanced Firewall Manager, a firewall software combining a number of features including DDoS, DNS security, and other protections.

Categories & Use Cases

Active Directory and LDAP
Integration with Active Directory and LDAP directories
Category average: 8.5
VPN
VPN's implement encryption and anonymize IP addresses
Category average: 9.1
Proxy Server
A proxy server changes your IP address and masks the origin of your network traffic
Category average: 8.5

Reporting and Logging
Custom and summary reports, and log files enabling analysis of security incidents, application usage and traffic patterns
Category average: 8.3
Visualization Tools
Visualization tools present administrators with data on applications traversing the network, who is using them, and the potential security impact.
Category average: 8.1
Firewall Management Console
Either command-line or web-based interface for centralized control and management
Category average: 8.1

Ali Can Çoban View profile

Network Security Engineer in Information Technology at Turkiye Is Bankasi (10,001+ employees employees)

Use Cases and Deployment Scope

F5 AFM offers unparalleled protection against cyber threats by seamlessly integrating with your network infrastructure and providing comprehensive security policies. Its advanced capabilities empower administrators to effectively manage and mitigate risks, ensuring continuous availability and optimal performance for your applications and services. With F5 AFM, you can confidently safeguard your network assets while maximizing productivity and minimizing downtime, making it an essential component of any modern IT ecosystem.

Pros

Threat Prevention and Mitigation
Application Layer Security

Cons

Complex Configuration
Enhanced Threat Intelligence Integration

Verified User

Engineer in Engineering (10,001+ employees employees)

Use Cases and Deployment Scope

We use F5 BIG-IP Advanced Firewall Manager (AFM) to segment traffic and prevent third-parties from accessing services outside of what they are permitted to access, per contractual documentation and other associated forms. With AFM, we are functionally protecting ourselves, our customers, and mission critical infrastructure, allowing our work to continue as necessary for the flying public.

Pros

Stress monitoring for load balanced traffic
Machine learning capabilities for contractual reporting
DDoS and other attack mitigation

Cons

More intuitive user interface
Better naming conventions
Fewer navigation steps to prevent abstraction

Other Software Used

F5 BIG-IP Access Policy Manager (APM), F5 BIG-IP Local Traffic Manager (LTM), F5 BIG-IP SSL Orchestrator

Verified User

Administrator in Information Technology (5001-10,000 employees employees)

Use Cases and Deployment Scope

I use AFM to do basic port-based protections for both external VIPs and internal datacenter traffic

Pros

Port based controls
Ease of using address objects

Cons

Ability to use external dynamic lists

Other Software Used

Palo Alto Networks Next-Generation Firewalls - PA Series

Verified User

Employee in Information Technology (10,001+ employees employees)

Use Cases and Deployment Scope

We use F5 [BIG-IP Advanced Firewall Manager] as a load balancer and for SSL offloading. We have created AFM iRules to manage attacks such as DDoS and threat intelligence.

Pros

Load balancing using pools
SSL offloading
iRules for threat handling

Cons

The GUI icons are very small and Overall UI can use some refreshing
The training on the tool is not easily available and mostly involves a high cost
The support or third party implementation teams could use some improvement

Most Important Features

It offers vast options of types to configure load balancing
The security plane of this tool is very competitive
It is a very useful and one of the top WAFs available in the market

Return on Investment

When we had to decide on whether to buy different hardware our team were all in support of renewal for F5 [BIG-IP Advanced Firewall Manager]
F5 [BIG-IP Advanced Firewall Manager] requires proper training on tools and clear concepts of packets, headers, and content to create WAF policies
Overall, we are satisfied by the ROI provided by our F5 AFM and GTMs

Alternatives Considered

Radware Alteon

Other Software Used

Infoblox DDI (BloxOne), LogicMonitor, OpSmart ITSM / CMDB

Verified User

Manager in Information Technology (10,001+ employees employees)

Pros

Central management.
Strong security.

Cons

If unsure, can be overly cautious.
There are few changes the end user can make.

Return on Investment

Easy maintenance reduces support hours.
Consistent experience reduces user learning curve.

Alternatives Considered

SolarWinds Network Configuration Manager

Other Software Used

Gainsight, Gainsight PX, OneDrive

Arbor Sightline, part of Netscout Arbor

Radware DefensePro

NETSCOUT Arbor DDoS Protection

F5 BIG-IP Advanced Firewall Manager (AFM)

What is F5 BIG-IP Advanced Firewall Manager (AFM)?

Categories & Use Cases

Key Features

Top Performing Features

Active Directory and LDAP

VPN

Proxy Server

Areas for Improvement

Reporting and Logging

Visualization Tools

Firewall Management Console

Reviews

Use Cases and Deployment Scope

Pros

Cons

Use Cases and Deployment Scope

Pros

Cons

Other Software Used

Use Cases and Deployment Scope

Pros

Cons

Other Software Used

Use Cases and Deployment Scope

Pros

Cons

Most Important Features

Return on Investment

Alternatives Considered

Other Software Used

Pros

Cons

Return on Investment

Alternatives Considered

Other Software Used

Related Products