Identity-centric F5 ADSP Integration Walkthrough

Introduction 

The F5 ADSP addresses four core areas: Deployment at scale, Security against evolving threats, Deliver application reliably, and Operate your day-to-day work efficiently.  Each comes with its own challenges, but together they define the foundation for keeping systems fast, stable, and safe.  Each architecture deployment example is designed to cover at least two of the four core areas: Deployment, Security, Delivery, and XOps. 

The mix of F5 ADSP products: F5 Distributed Cloud Bot Defense for Malicious automated threats, BIG-IP APM for identity and access management, BIG-IP SSLO for SSL/TLS traffic decryption and inspection, alongside BIG-IP AWAF for advanced application and network security, deliver a powerful, identity-centric security framework. From a business perspective, it streamlines operations through unified management, reduces security complexity, and supports regulatory compliance while enhancing user experience with secure, seamless access.

Technically, this integrated service chain provides end-to-end control and inspection across application delivery and security layers. This allows IT teams to adapt quickly to evolving threats and infrastructure needs. The decryption and inspection of encrypted traffic by SSLO reveal hidden threats for AWAF to mitigate threats, while APM governs user authentication and authorization dynamically.

This approach not only ensures robust threat detection and response but also supports scalable, flexible deployment models from on-premises to multi-cloud environments. This makes it an agile, high-performance solution in today's hybrid and AI-driven application landscape.

This unified strategy reduces operational overhead and maximizes security effectiveness. It enables enterprises to protect critical assets and maintain resilient application delivery with full visibility and automated insights.

 

Demo implementation steps

In our deployment, we use the below BIG-IP modules to achieve our target deployment,

• BIG-IP LTM: Handles the application delivery portion of our lab. 
• F5 Distributed Cloud Bot Defense: Protects against malicious automated threats. 
• BIG-IP APM: For access security 
• BIG-IP SSLO: Allow the inclusion of diverse service chain elements. 
• BIG-IP AWAF: State-of-art Advanced WAF. 

 

Deployment steps 

In this section, we walk through our lab deployment to achieve this mix,

 

As we went through different elements of these deployments through our previous articles, 

• BIG-IP LTM, BIG-IP APM integration with F5 Distributed Cloud (steps summarized below): Ridiculously Easy Bot Protection: How to Use BIG-IP APM to Streamline Bot Defense Implementation | DevCentral 
  • Create Application at F5 Distributed Cloud Bot Defense with the correct connector version.
  • On BIG-IP, create new Bot profile for F5 Distributed Cloud connector. 
  • Create a virtual server for the connector profile. 
  • Add iRule to forward traffic to BIG-IP APM virtual server. 
  • Create BIG-IP APM access policy and attach to its virtual server. 
• BIG-IP APM integration with BIG-IP SSLO and BIG-AWAF as part of the service chain (summarized below): F5 BIG-IP Access Policy Manager (APM) Identity-based steering with SSL Orchestrator (SSLO)
  • Create BIG-IP SSLO configurations with BIG-IP AWAF as part of its service chain.
  • Create iRule to forward traffic from BIG-IP APM to BIG-IP SSLO right after access allow. 
  • Attach the iRule to the BIG-IP APM virtual server. 

In this section we created 3 main virtual servers: one for F5 Distributed Cloud Bot profile that forwards traffic,  then to BIG-IP APM virtual server for Identity and access security, and after that traffic is forwarded to BIG-IP SSLO to apply BIG-IP AWAF as part of the service chain before passing traffic to the backend application. 

 

Conclusion

The F5 ADSP delivers a comprehensive, unified solution that addresses the critical challenges of deployment at scale, evolving security threats, reliable application delivery, and operational efficiency. By integrating best-in-class modules like F5 Distributed Cloud Bot Defense, BIG-IP APM, SSLO, and AWAF into a seamless service chain, it creates an identity-centric, adaptive security framework that enables robust threat detection and dynamic access control. This architecture not only simplifies management and reduces operational complexity. It ensures continuous protection and high-performance delivery across diverse environments, from on-premises to multi-cloud and hybrid deployments. Ultimately, the F5 ADSP empowers enterprises to safeguard their critical applications and data with scalable, flexible, and automated solutions. This makes it an ideal platform for securing modern hybrid and AI-driven infrastructure.

 

Related content 

• Ridiculously Easy Bot Protection: How to Use BIG-IP APM to Streamline Bot Defense Implementation | DevCentral
•  F5 BIG-IP Access Policy Manager (APM) Identity-based steering with SSL Orchestrator (SSLO)