We have a pair of F5 4000s LTM in redundant pair. what can we do to add firewall services to the 4000s
Firewall feature requires AFM licence on each appliance.
Can Big-IP 4000S' with LTM and AFM replace a typical firewall and service even for non-load-balanced devices?
We had Cisco ASAs and added F5 4000S' with LTM for our server farms. Now that we need to replace the Cisco ASAs and wondered if the AFM will suit in place of real firewalls. We use public IP addresses on subnets (inside, outside and dmz interfaces) along with all virtual and real server IPs. We are not using natting or patting at all on our network.
First, check whether you have a valid license for AFM or not under System --> License
If you already have a license for AFM feature, please check the System--> Resource Provisioning section from the GUI and verify that Advanced Firewall (AFM)'s Provisioning option is setted as "Nominal".