HTTP Security Profiles and ASM Overlap

Question

Good afternoon all,&nbsp;
I'm just wondering about how http security profiles fit into the BIG-IP offering as a whole in relation to the ASM security profile. The entire http_security profile is an overlap of the capabilities of ASM but it is attachable at the vs lvl. &nbsp;
My initial though is that it fulfills two requirements:&nbsp;
To  protect non-ASM deployments with standard http compliance if you have AFM licensed.To offer a defense in depth tiered architecture in which AFM/LTM is scrubbing traffic before being forwarded to an LTM/ASM box.Defense in depth.
Am I missing something here or am I accurate in my assumptions?&nbsp;

boneyard · Answer

that is pretty much my feeling also. it started from somewhere probably and found its place in AFM. nice for a start, but if you need an actual WAF you need ASM.&nbsp;

Forum Discussion

HTTP Security Profiles and ASM Overlap

Recent Discussions

SNI Sites not taking correct certificate.

How to Renew F5 Device Certificate

irule to enable http/2 acceleration

Service discovery is not happening in AS3

How to implement LTM forward proxy client to determine the diversion pool based on the domain name

Related Content

Positive Security vs. Negative Security: A Comparison Using F5's Security Portfolio

AppWorld 2025 Security Insights - ADC 3.0, AI Security, and more

Overlapped Networks Question

Securing Model Serving in Red Hat OpenShift AI (on ROSA) with F5 Distributed Cloud API Security

F5 AI Gateway - Secure, Deliver and Optimize GenAI Apps

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS