herculon F5 features support

I'm evaluating F5 DDoS herculon against following features:-

 

a. 1,000,000 BGP routes per peer. (is solution BGP aware)

 

b. How does it scale for traffic at ISP core visibility being an in-line ONLY solution?

 

c. Does it have IoT botnet detection?

 

d. Does F5 have multi-tenancy support or a portal.

 

e. Is F5 detection based upon netflows, bgp , what are sources of detection?

 

f. How is redundancy achieved for on-permise solution?

 

g. Latency in detection and mitigation e.g minutes , seconds

 

h. As DDoS countermeasure does it include DNS authentication or syn authentication or capatcha?

 

i. Is product CC/ NSS evaluated and certified?

 

k. Is herculon keeping "stateful" for detection and mitigation? If yes, what impact it has on performance in case long duration-large volume DDoS attack?

 

l. Does herculon do "profiling and behavioral analysis"

 

Thanks