F5 AFM Automation with Ansible

Today, I would like to write about Automation. IT Automation is increasingly used in big datacenter with lots of services, lots of servers and lots of appliances. Automation makes sense when we have to run the same operation repeatedly. For instance, we have to add a new malicious IP address to a group of IP addresses, which are denied with a firewall. It’s easy and recommended to do it automatically. Automation also makes sense when we have to add quickly lots of rules to a firewall policy to block an attack. In addition, automation is useful to deploy appliances, such as FortiGate or F5, with the same configuration when we have to deploy lots of them from time to time. You can check Automating F5 configuration with Ansible and FortiGate automation with Ansible.

Ansible & F5 AFM  - Creating a rule for allowing ICMP traffic

These weeks I have to migrate lots of firewall rules from iptables to F5 AFM. I think IT automation is going to help me to migrate all rules. In fact, Ansible is going to help me. It's easier to write all firewall rules in a playbook than creating all rules from the GUI. Once the playbook is completed, we can run the playbook with Ansible to create all rules at a time. It takes less time than creating the firewall rules from the GUI. You can watch in the next video how to write a playbook with a policy and firewall rules for F5 AFM. It’s easy and fast!

Have a nice week my friends!