Documentation Index

Fetch the complete documentation index at: https://docs.traceable.ai/llms.txt

Use this file to discover all available pages before exploring further.

F5 integration

  • 5 minute(s) read
Prev Next

Updates (April 2026 to June 2026)

  • May 2026 — Updated the topic to add information about the availability of the enable and disable options for configured F5 integration. For more information, see Manage configured integration.

The F5 Application Security Manager (ASM) is a component of F5’s broader Application Delivery Controller (ADC) platform, specializing in advanced security features for web applications. ASM functions as a Web Application Firewall (WAF) and offers a range of capabilities to protect web applications from various attacks and vulnerabilities. ASM protects against common threats and employs a positive security model. It also performs behavioral profiling alongside SSL/TLS inspection.

What will you learn in this topic?

By the end of this topic, you will be able to understand:

  • An overview of the steps required to set up the integration.

  • The prerequisites for setting up the integration.

  • The steps to create the integration.

  • The verification of the integration.

Integration overview

This section provides high-level information on integrating Azure WAF with Traceable and managing threats.

  1. Installation — Traceable allows you to choose from an agent-less or agent-based deployment option. For more information on Traceable agents, see Installation.

  2. Integration Setup — After deploying the agent, you can retrieve the credentials and configure the Azure integration. To do so, you must complete the following steps:

    1. Prerequisites — Login to your F5 account, and retrieve the credentials such as F5 server URL, F5 Application Policy Name, F5 Login Credentials comprising username and password to log in to your F5 account. For more information, see Before you begin.

    2. Integration — After obtaining the credentials from the previous steps, navigate to the Traceable platform and configure the integration. For more information, see Set up the integration.

  3. Threat Management — After setting up the integration, you can establish rules to allow, block, or monitor IP addresses according to your specific requirements. Traceable’s integration with F5’s ASMI supports the following two types of rules:

    1. Threat Actors — Any status change of threat actor on the Traceable Platform is propagated to F5 WAF. For example, if Traceable detects a threat actor and changes it to a deny state, then the requests from this threat actor can be blocked using Azure. Traceable recommends going through the allow list conditions before creating any IP-range rules. Traceable allows creating allowlists using allowed and snoozed states, and supports blocking using deny and suspended states under threat actors. Moreover, if you make any changes, such as adding a threat actor to the allowlist or resolving the status, these changes are reflected in F5  within a few minutes.

    2. Malicious Source Rules (IP Range only) — If you configure any malicious source rules under Protection â†’ Policies â†’ Custom Policies â†’ Malicious Sources tab to enforce blocking or allow for IP ranges to be executed through F5.

      Note

      Traceable recommends reviewing the allow list conditions before creating IP-range rules. For more information, see IP address allowlist.

The following is a high-level integration diagram:

Traceable F5 Integration Diagram

Before you begin

Make a note of the following before proceeding with the integration steps:

  • Make sure you have a pre-configured F5 security policy to complete the integration with F5. If you do not have a pre-configured policy, see Create a New Application Security Policy.

    Note

    Ensure that you have configured only the HTTPS F5 server URL. An HTTP URL is not supported.

Set up the integration

After creating a security policy in F5, you must complete a few configurations in the Traceable Platform to integrate it with F5. Navigate to Integrations ( ), and do one of the following:

  • Search for F5 in the search bar.

  • Under All Integrations, navigate to WAF → F5 and click Configure.

F5 Integration Navigation

In the F5 widget, click Configure, and in the Add New F5 Integration slide-out panel, complete the following steps:

Add new F5 integration

  1. Integration Name — A unique name for your integration, for example, F5_traceable_int.

  2. (Optional) Description — A summary for your integration.

  3. Environments — The environment for which you wish to configure the integration. You can configure the integration for all environments or specific environments.

  4. F5 server URL — The server URL to log in. For more information, see Before you begin.

  5. F5 Application Policy Name — The name of the F5 security policy where Traceable synchronizes and manages rules.

  6. F5 Login Credentials — The login credentials comprising Username and Password, to log in to your F5 account.

  7. Click Test Connection to validate the connection between Traceable and F5.

  8. Click Save. It is only enabled if the connection is successful.

Note

  • If any Traceable rule contains more than one IP address, then multiple rules are created in the F5 security policy.

  • If a Traceable IP range is given in CIDR format with a network mask, then in F5, it is separated into IP address and network mask.

  • Make sure that the Trust XFF header is enabled when you create a security policy in F5. This is required for the X-Forwarded-For request header.

  • When you delete the integration configuration in Traceable, the security policy is also deleted in F5.

  • At present, F5 does not support IP range rules with condition BLOCK_ALL_EXCEPT.

Manage configured integration

After configuring the integration, you can view the F5 WAF Integration under Configured WAF Integrations. Traceable gives you the flexibility to control how the integration operates. You can choose either of the following actions using the drop-down, according to your requirements:

  • Enabled — You allow Traceable to actively update the WAF with the latest rules to enforce protection and monitor or block threats. When enabled, Traceable continuously sends new rules and updates to the WAF based on policy activity, helping enforce protections with the latest threat information and block suspicious traffic.

  • Disabled — You stop Traceable from updating the WAF, so it no longer enforces new protections for that environment or region. When disabled, Traceable stops sending new rules and updates to the WAF for the selected environment or region, while other environments continue using their existing integration settings without impact. The WAF continues to enforce existing rules based on their last applied state, without receiving new updates. Traceable continues to detect and evaluate threats, but it does not enforce them through WAF.

Verification

To verify a successful integration, send traffic through F5 and, after a while, verify in F5 by navigating to the Application security → IP addresses → IP address exception. You would see the rules for a specific policy. Ensure you select the security policy from the drop-down list you configured in Traceable.

©2026 Traceable by Harness | Terms of Service | Privacy Policy | OSS Disclosures