Manual Chapter : BIG-IQ Web Application Security sizing recommendations

Applies To:

Show Versions Show Versions

BIG-IQ Centralized Management

  • 8.0.0
Manual Chapter

BIG-IQ Web Application Security sizing recommendations

Web Application Security (ASM/WAF) services in BIG-IQ have scale limits depending on your system's setup, BIG-IQ version, and the scope of your BIG-IP services. The following outlines the recommended configuration limits and corresponding hardware recommendations for managing Web Application Security objects on BIG-IQ. These recommended values were tested for a BIG-IQ setup running Web Application Security and Local Traffic Manager services. These values do not incorporate the system requirements if additional BIG-IP application services are managed by your BIG-IQ system.

System Sizing

The following are the maximum recommended objects in a BIG-IQ system running Web Application Security. These values were testing with the following BIG-IQ (CM) hardware configuration:
  • 8 cores/ CPU
  • 32 GB of memory
  • SSD local disk
  • 40GB disk space on
    /var
    partition
    /var
    sizing is not within the default settings of BIG-IQ CM, and adding disk space may require additional configuration. For more information see
    Resizing Disk Space on BIG-IQ Virtual Edition
    in the
    BIG-IQ: Sizing Guidelines
    found on
    support.f5.com
    .
Discovered BIG-IP Devices
ASM Policies
Policies per Device
160
1,000
60
Additional Notes
Maximum number of devices for a full simultaneous deployment: 5
Maximum number of devices for partial simultaneous deployment: No limit
For large-scale deployments*: You can improve performance results setting to the parallelism of differences, during a deployment evaluation, to 1. You can do so by using the following REST command:
restcurl -X PATCH -d '{value:1}' /cm/asm/preferences/device-batch-size
*Deployments that include BIG-IP objects that exceed the numbers listed in the table and/or have less than the recommended memory on BIG-IQ CM.