on 16-Jun-2016 07:18
The BIG-IP Advanced Firewall Manager is an ICSA-certified Firewall that provides critical protection for all of your web applications. It is built on TMOS (the foundational operating system used by all F5 BIG-IP products), and it can run on any of the F5 Application Delivery Platforms.
The AFM delivers the most effective network-level security for enterprises and service providers. Whether on-premises or in a software-defined data center, the AFM tracks the state of network sessions, maintains application awareness, and mitigates threats based on more attack details than traditional network firewalls. It also protects your organization from aggressive distributed denial-of-service (DDoS) attacks before they can reach your data center.
This operations guide was written by the engineers who design, build, and support the AFM, as well as other F5 professionals who have firsthand experience with this technology. In this guide you’ll find recommendations, practices, and troubleshooting tips to keep your AFM running at peak efficiency.
This guide provides details on configuration items like packet flow, firewall rules, Network Address Translation, DDoS mitigations, logging, and troubleshooting. The goal of this guide is to assist customers with keeping their BIG-IP system healthy, optimized, and performing as designed. This guide describes common information technology procedures as well as some that are exclusive to BIG-IP systems. If you have specific questions about how to configure and operate your BIG-IP AFM, take some time to look at this guide and I'm sure you will find some great guidance here. Enjoy!
I was just looking at the August 2017 version of this document, and on page 8 in the section 'Flow Lookup', the document states the following:
The packet process flows in the following sequence:
Should the second reference to the 'hardware flow table' be changed to 'software flow table' or is 2 merely duplicating the content of 1?
@rob_carr, great catch on this, and thanks for the question. I admit that the flow sequence wording on page 8 is a bit confusing. Fortunately, the diagram on page 7 is correct and follows the proper flow patterns and logic. So, it's best to just reference the diagram for now. I'm working with the author to update the verbiage in the document, and I'll post an updated version here as soon as it's available. Thanks again for the catch!!