---
title: "F5 integration"
slug: "f5-integration"
description: "Learn how to integrate F5 with Traceable to enhance API and web application security through automated threat detection, policy enforcement, and real-time WAF protection."
updated: 2026-05-14T06:48:30Z
published: 2026-05-14T06:48:30Z
---

> ## Documentation Index
> Fetch the complete documentation index at: https://traceabledocs.document360.io/llms.txt
> Use this file to discover all available pages before exploring further.

# F5 integration

****Updates****(April 2026 to June 2026)****

- *May 2026*— Updated the topic to add information about the availability of the enable and disable options for configured F5 integration. For more information, see [Manage configured integration](/v1/docs/f5-integration#manage-configured-integration).

The F5 Application Security Manager (ASM) is a component of F5’s broader Application Delivery Controller (ADC) platform, specializing in advanced security features for web applications. ASM functions as a Web Application Firewall (WAF) and offers a range of capabilities to protect web applications from various attacks and vulnerabilities. ASM protects against common threats and employs a positive security model. It also performs behavioral profiling alongside SSL/TLS inspection.

## What will you learn in this topic?

By the end of this topic, you will be able to understand:

- An overview of the steps required to set up the integration.
- The prerequisites for setting up the integration.
- The steps to create the integration.
- The verification of the integration.

---

## Integration overview

This section provides high-level information on integrating Azure WAF with Traceable and managing threats.

1. **Installation** — Traceable allows you to choose from an agent-less or agent-based deployment option. For more information on Traceable agents, see [Installation](https://docs.traceable.ai/docs/installation).
2. **Integration Setup** — After deploying the agent, you can retrieve the credentials and configure the Azure integration. To do so, you must complete the following steps:
  1. **Prerequisites** — Login to your F5 account, and retrieve the credentials such as F5 server URL, F5 Application Policy Name, F5 Login Credentials comprising username and password to log in to your F5 account. For more information, see [Before you begin](/v1/docs/f5-integration#before-you-begin).
  2. **Integration** — After obtaining the credentials from the previous steps, navigate to the Traceable platform and configure the integration. For more information, see [Set up the integration](/v1/docs/f5-integration#set-up-the-integration).
3. **Threat Management** — After setting up the integration, you can establish rules to allow, block, or monitor IP addresses according to your specific requirements. Traceable’s integration with F5’s ASMI supports the following two types of rules:
  1. **Threat Actors** — Any status change of threat actor on the Traceable Platform is propagated to F5 WAF. For example, if Traceable detects a threat actor and changes it to a deny state, then the requests from this threat actor can be blocked using Azure. Traceable recommends going through the allow list conditions before creating any IP-range rules. Traceable allows creating allowlists using allowed and snoozed states, and supports blocking using deny and suspended states under threat actors. Moreover, if you make any changes, such as adding a threat actor to the allowlist or resolving the status, these changes are reflected in F5 within a few minutes.
  2. **Malicious Source Rules**(**IP Range only**) — If you configure any malicious source rules under **Protection** → **Policies** → **Custom Policies** → **Malicious Sources** tab to enforce blocking or allow for IP ranges to be executed through F5.

> [!NOTE]
> Note
> 
> Traceable recommends reviewing the allow list conditions before creating IP-range rules. For more information, see [IP address allowlist](https://docs.traceable.ai/docs/custom-policy#ip-address-allowlist).

The following is a high-level integration diagram:

![](https://cdn.document360.io/24f14f07-13d1-4684-8fae-6d8f811768ee/Images/Documentation/Traceable_WAF_F5_high_level_integration_diagram.png)

Traceable F5 Integration Diagram

---

## Before you begin

Make a note of the following before proceeding with the integration steps:

- Make sure you have a pre-configured F5 security policy to complete the integration with F5. If you do not have a pre-configured policy, see [Create a New Application Security Policy](https://f5-agility-labs-waf.readthedocs.io/en/latest/class7/module2/lab1/lab1.html?highlight=base#create-a-new-application-security-policy).

> [!NOTE]
> Note
> 
> Ensure that you have configured only the HTTPS F5 server URL. An HTTP URL is not supported.

---

## Set up the integration

After creating a security policy in F5, you must complete a few configurations in the Traceable Platform to integrate it with F5. Navigate to **Integrations** ( ![](https://cdn.document360.io/24f14f07-13d1-4684-8fae-6d8f811768ee/Images/Documentation/2025-07-09_12-58-50.png) ), and do one of the following:

- Search for *F5*in the search bar.
- Under **All Integrations**, navigate to**WAF** → **F5** and click **Configure**.

![](https://cdn.document360.io/24f14f07-13d1-4684-8fae-6d8f811768ee/Images/Documentation/Traceable_WAF_F5_nav (1).png)

F5 Integration Navigation

In the **F5** widget, click **Configure**, and in the **Add New F5 Integration** slide-out panel, complete the following steps:

![](https://cdn.document360.io/24f14f07-13d1-4684-8fae-6d8f811768ee/Images/Documentation/Traceable_WAF_F5_Add_new_integration(1).png)

Add new F5 integration

1. **Integration Name**— A unique name for your integration, for example, *F5_traceable_int*.
2. (Optional) **Description**—****A summary for your integration.
3. **Environments**— The environment****for which you wish to configure the integration. You can configure the integration for all environments or specific environments.
4. **F5 server URL**— The server URL to log in. For more information, see [Before you begin](/v1/docs/f5-integration#before-you-begin).
5. **F5 Application Policy Name**— The name of the F5 security policy where Traceable synchronizes and manages rules.
6. **F5 Login Credentials**— The login credentials****comprising **Username** and **Password**, to log in to your F5 account.
7. Click **Test Connection** to validate the connection between Traceable and F5.
8. Click **Save**. It is only enabled if the connection is successful.

> [!NOTE]
> Note
> 
> - If any Traceable rule contains more than one IP address, then multiple rules are created in the F5 security policy.
> - If a Traceable IP range is given in CIDR format with a network mask, then in F5, it is separated into IP address and network mask.
> - Make sure that the `Trust XFF header` is enabled when you create a security policy in F5. This is required for `the X-Forwarded-For` request header.
> - When you delete the integration configuration in Traceable, the security policy is also deleted in F5.
> - At present, F5 does not support IP range rules with condition `BLOCK_ALL_EXCEPT`.

---

## Manage configured integration

After configuring the integration, you can view the **F5 WAF Integration** under **Configured WAF Integrations**. Traceable gives you the flexibility to control how the integration operates. You can choose either of the following actions using the drop-down, according to your requirements:

- **Enabled** — You allow Traceable to actively update the WAF with the latest rules to enforce protection and monitor or block threats. When enabled, Traceable continuously sends new rules and updates to the WAF based on policy activity, helping enforce protections with the latest threat information and block suspicious traffic.
- **Disabled** — You stop Traceable from updating the WAF, so it no longer enforces new protections for that environment or region. When disabled, Traceable stops sending new rules and updates to the WAF for the selected environment or region, while other environments continue using their existing integration settings without impact. The WAF continues to enforce existing rules based on their last applied state, without receiving new updates. Traceable continues to detect and evaluate threats, but it does not enforce them through WAF.

---

## Verification

To verify a successful integration, send traffic through F5 and, after a while, verify in F5 by navigating to the **Application security → IP addresses**→ **IP address exception**. You would see the rules for a specific policy. Ensure you select the security policy from the drop-down list you configured in Traceable.

![](https://cdn.document360.io/24f14f07-13d1-4684-8fae-6d8f811768ee/Images/Documentation/traceable_f5_waf_configuration_verification.png)

## Related

- [Support Matrix for Custom Signature Rules](/support-matrix-custom-signature-rules.md)