Deploying LTM, GTM and ASM on the same appliance?

Question

Hi;&nbsp;
I would like to ask if it is possible to have LTM doing load balancing plus (ssl decryption of https requests then re-encryption and ssl decryption of https responses then re-encryption) &nbsp;
As well as GTM and ASM running on the same 1 Gig throughput BIG-IP AWS cloud based virtual appliance. Please note the the overall load is distributed between 3 cloud based BIG-IPs in 3 data centres "zones" using GTM.&nbsp;
From the perspective of "Memory and CPU" on the cloud based BIG-IPs, is this possible?&nbsp;
Kindly
Wasfi&nbsp;

vijay_e · Answer

It depends ;-) &nbsp;
I think LTM + GTM is quite reasonable but ASM tends to consume cpu resources quite a bit and can cause issues. You would have to think in terms of what are the main pain points you are solving. I mean, some applications/accounts tend to be targeted for DNS based DDoS/DoS and in this case, having a separate GTM helps as you are not sacrificing your LTM or ASM when there is a DNS level attack. What kind of signatures are you intending to utilize on ASM is important too as some signatures can consume a lot of resources. Do you have access to an F5 SE - might provide a better answer based on your unique needs. &nbsp;

Forum Discussion

Deploying LTM, GTM and ASM on the same appliance?

1 Reply

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Re: Deploying F5 Distributed Cloud WAAP on Kubernetes

Deploying F5 BIG-IP with Azure Cross-region load balancer

Workshop: Deploy BIG-IP Cloud through Automation

Deploying a VPN on the BIG-IP APM

Deploy the NGINX Modern Apps Reference Architecture locally