Forum Discussion

Re: Seek to check CVE database and recently release in F5 firewall

Great data.

My only comment would be that many F5 BIG-IP software devices are definitely firewalls now. I have designed clusters of SP firewalls on VE that scale to 64M PPS per pop, geoscaled by Anycast with absolutely no load balancing involved. The provider referred to it as "Infinite Scale Security". I've designed a massive enterprise VIPRION pair that take 4 inbound 100 Gbps pipes and run DDoS and WAF only for a consolidated back-end DMZ with PA / Cisco firewalls as a firewall for the firewalls before any load balancing (besides inbound link LB) happens anywhere. It's been rock solid for 8 years. No outages since implemented.

I would argue that F5 *IS* a firewall and a formidable one, at that. My last 6 years selling here, 100% of my designs for service provider were AFM / ASM. Some GTM, some LTM, but all of them had AFM or ASM deployed.

 

No RepliesBe the first to reply