In the long run as long as you set your TCP time out not to infinite you will reclaim the memory. With TCP timeout there are cases where it is possible that you will not close the connection. The Acking of data is a TCP function not a Application function. There are many cases were the Application will go off into space but the TCP stack will still open connection and ack data. So the memory question can be a wash. The only connection that are left in memory are the one that drop off the network and do not close the connection down and they are cleaned up when the timeout run. With keep-alives you have the chance of a connection not shunting down as long at the client and server respond.
You will also find that if tcp keep-alives are two aggressive you will lose valid connections. If you think from a cell perspective if the client loses connectivity then regains it it can keep the TCP session open. But with aggressive keep alive the LTM can reset the connection causing the provider to request the again. After 8 missed Ack packets the LTM will drop the connection. With flaky coverage and dropped packets on the internet it would not be hard to lose 8 packets if you say update a route between the user and the server due to a outage.
From a DDos prospective you are opening up more from increasing from 5 min to 10 min. But with Deferred Accept you can help mitigate a SYN-flood and force the client to complete the three way handshake.
My rule of thumb for the most part is the Firewall idle timeout +1. Or if the LTM is the firewall then what ever the firewall timeout would be. Again that is just how I roll. Over all I am just saying there is no one size fits all solution just one that works best in you network.
Sorry Natass, it looks like I was wrong with reading the docs.