Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

HTTP Security Profiles and ASM Overlap

Good afternoon all,

I'm just wondering about how http security profiles fit into the BIG-IP offering as a whole in relation to the ASM security profile. The entire http_security profile is an overlap of the capabilities of ASM but it is attachable at the vs lvl.

My initial though is that it fulfills two requirements:

  1. To protect non-ASM deployments with standard http compliance if you have AFM licensed.
  2. To offer a defense in depth tiered architecture in which AFM/LTM is scrubbing traffic before being forwarded to an LTM/ASM box.
  3. Defense in depth.

Am I missing something here or am I accurate in my assumptions?

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

that is pretty much my feeling also. it started from somewhere probably and found its place in AFM. nice for a start, but if you need an actual WAF you need ASM.

0