BIG‑IP Application Security Manager

PRODUCT OVERVIEW

“F5 has really helped us become

more aggressive in tuning our
devices for our security needs, and
as a result, [the device] does a
much better job of blocking bad
traffic while allowing valid traffic.”
Stuart Lyons, Security Engineer, Human Kinetics

Defend Against Attacks and Achieve

Regulatory Compliance

Key benefits
· Ensure application availability by stopping · Get out-of-the-box application security · Deploy flexibly for virtualized and private
hackers and attacks policies with minimal configuration cloud environments
· Reduce the cost of security compliance · Improve application security and performance · Increase agility

As more application traffic moves over the web, sensitive data is exposed to
potential theft, security vulnerabilities, and multi-layer attacks. Protect your
organization and its reputation by maintaining the confidentiality, availability,
and performance of the applications that are critical to your business.

F5 BIG IP® Application Security Manager™ (ASM) is a flexible web application

firewall that secures web applications in traditional, virtual, and private cloud
environments. BIG IP ASM provides unmatched application and website
protection, a complete attack expert system, and compliance for key regulatory
mandates—all on a platform that consolidates application delivery with network
and application access and optimization.
Deliver comprehensive security
BIG‑IP ASM patches web application
vulnerabilities in minutes to protect from
a broad spectrum of threats, including
the latest (D)DoS and SQL injection attacks.
It also secures the latest interactive web
applications such as JSON payloads and
AJAX widgets. A complete attack expert
system provides on-the-spot attack details,
staging of new policies for testing, and
quick administrator notification. BIG-IP ASM
stops hackers and attacks and ensures
legitimate users can access applications.
Achieve compliance cost-effectively
Advanced, built-in security protection and
remote auditing help your organization
comply with industry security standards,
including PCI DSS, HIPAA, Basel II, and
SOX, in a cost-effective way—without
requiring multiple appliances, application
BIG‑IP ASM features
· PCI reporting
· Integrated XML firewall
· DataGuard™ and cloaking
· Live update for attack signatures
· Web scraping protection
· Web services encryption/decryption
·A
 pplication policy templates
· ICAP support for SMTP and SOAP files
· BIG‑IP modules layering
· iRules® and Fast Cache integrations
· WhiteHat Sentinel integration
· BIG-IP ASM Virtual Edition (VE)
· Application security in the private cloud
· Metrics on the BIG-IP Dashboard
· F5 TMOS architecture
· SSL offload
· Caching and compression
F5 Networks, Inc. 401 Elliott Avenue West, Seattle, WA 98119 888-882-4447 www.f5.com
F5 Networks, Inc. F5 Networks
Corporate Headquarters Asia-Pacific
info@f5.com apacinfo@f5.com
© 2011 F5 Networks, Inc. All rights reserved. F5, F5 Networks, the F5 logo, BIG-IP, ARX, FirePass, iControl, iRules, TMOS, and VIPRION
are registered trademarks of F5 Networks, Inc. in the U.S. and in certain other countries. CS04-00016 0711
changes, or rewrites. Detailed PCI reporting performance advantages, including SSL
determines if PCI DSS compliance is being offload, caching, compression, TCP
met and provides steps required to become optimization, and more. BIG-IP ® Local
compliant if not. Traffic Manager ™ integration enables
protection from (D)DoS and other network
Get out-of-the-box protection attacks. And because BIG‑IP ASM works
on the same platform with other BIG‑IP ®
Equipped with a set of pre-built and
modules, you can benefit from centralized
certified application security policies,
access control and even greater
BIG‑IP ASM gives you out-of-the box
performance improvements.
protection for common applications such
as Microsoft Outlook Web Access, Lotus
Deploy flexibly and increase
Domino Mail Server, Oracle E-Business business agility
Financials, and Microsoft Office SharePoint.
A rapid deployment policy secures any BIG-IP ASM Virtual Edition deploys in flexible
internal or third-party application. environments, protecting your virtual and
private cloud applications. By automatically
building and managing security policies
Improve performance
around newly discovered vulnerabilities,
Unlike many other security s olutions, BIG-IP ASM deploys fast, agile business
with BIG‑IP ASM you don’t have to choose processes to secure your applications against
between security and performance. constantly changing threats.
F5 TMOS® architecture provides significant
Learn more about BIG‑IP ASM
· iRules For more information about BIG‑IP ASM,
· TCP/IP optimization use the search function on f5.com to find
· L7 Rate Shaping™ these resources.
· Isolated resource allocation (vCMP) Datasheets
· iApp™ for pre-configured policies BIG‑IP ® Application Security Manager ™
· Application visibility and reporting BIG‑IP ® Add-On Modules
· Comprehensive attack protection White papers
· Cross-site request forgery Intelligent Layer 7 DoS and Brute Force
Protection for Web Applications
· Layer 7 (D)DoS
Application and Data Security with
· Cross-site scripting
F5 BIG-IP ASM and Oracle Database Firewall
· SQL injection
· Parameter and HPP tampering Case study
· Session highjacking Human Kinetics Boosts Website Performance,
· Cookie manipulation Security, and Innovation with F5 Solution
· Forceful browsing
Article
· XML bombs/DoS
SC Magazine, 2010 Reader Trust Award for
Best Web Application Security
F5 Networks Ltd. F5 Networks
Europe/Middle-East/Africa Japan K.K. IT agility. Your way.
emeainfo@f5.com f5j-info@f5.com