The BIG-IP Application Security Manager (ASM) is a Layer 7 ICSA-certified Web Application Firewall (WAF) that provides critical protection for all of your web applications. It is built on TMOS (the foundational operating system used by all F5 BIG-IP products), and it can run on any of the F5 Application Delivery Platforms. The ASM protects your applications from a myriad of network attacks including the OWASP Top 10 most critical web application security risks, and it also allows compliance with key regulatory standards such as Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry Data Security Standard (PCI DSS).
With the BIG-IP ASM system, organizations gain the flexibility they need to deploy WAF services for protecting applications wherever they reside—within a virtual software-defined data center (SDDC), managed cloud service environment, public cloud, or traditional data center.
The ASM Operations Guide was written by the engineers who design, build, and support the ASM, as well as other F5 professionals who have firsthand experience with this technology. In this guide you’ll find recommendations, practices, and troubleshooting tips to keep your ASM running at peak efficiency.
This guide includes recommended maintenance, tuning, and monitoring procedures related to ASM versions 11.6 – 12.0. The goal of this guide is to assist customers with keeping their BIG-IP system healthy, optimized, and performing as designed. This guide describes common information technology procedures as well as some that are exclusive to BIG-IP systems. If you have specific questions about how to configure and operate your BIG-IP ASM, take some time to look at this guide and I'm sure you will find some great guidance here. Enjoy!