AFM perimeter firewall?

F5 AFM is a really good Datacenter firewall with LTM / ASM / APM and Checkpoint, Juniper, Palo Alto and Cisco can't compete with it...

I agree that AFM does not provide easy to configure Application control, Antivirus, Antispam, URL Filtering, DLP, modules. you can do some of these features but not as good as Checkpoint or Palo Alto.

As AFM is applied on Listeners (Virtual servers, Self IPs, ...), it allow to create generic policies with source address only filter and enable it on virtual servers.

• When a virtual server is not used anymore, removing it will also disable the associated incoming policies.
• TMOS drop any traffic not handled by a configured listener.
• TMOS include TCP
• ASM will enable a better server protection than standard firewall IPS solution.
• TMOS will allow you to unencrypt SSL connections to inspect it as clear traffic.

So do not propose AFM to replace perimeter firewall with UTM or Next Generation Firewall features but replace those protecting servers.