Mar 26, 2021

APM behind Third Party WAF

Hi folks,

I would like to ask whether it is possible to put the APM behind a third-party external WAF (L3 WAF). How will the traffic flow from external users to the internal network? Is there any guide that explains the needed configuration?


Thanks all.

  • I don't work directly for F5, but everyone from F5 will tell you to use ASM on the same F5 device if there is enough CPU and memory. There can't be a guide for how F5 APM will work with a concurrent vendor, as there are as many WAF vendors nowadays as there are stars in the sky :)

    Thanks Nikoolayy1,

    The idea is that I'm not using F5 WAF; I'm using Sophos WAF and it is working. I'm not sure whether it will work or not.

  • As I understand you want to use Sophos in L3 mode, right?

    You can search (Google) for F5 reference architectures. You will find a couple of diagrams that actually recommend having an L3/4 network firewall, like F5 AFM, in a separate tier in front of APM or ASM/AWAF, in order to protect from flooding attacks, for example.


    This link is a bit dated, but is close to your scenario: The F5 DDoS Reference Architecture - Enterprise Edition.