TMOS--the foundation and architecture for F5's application delivery controllers running on the BIG-IP platform--brings a wealth of security to existing application delivery networks. Design and operational features, such as a full TCP and application proxy, optimized IP stacks, and virtual network segmentation, are just a small subset of the security features available on all TMOS-based appliances. But before the secure implementation of TMOS can be discussed, the question is often asked "How is TMOS itself secured?"
When creating any security-enabled network device, security of the device itself must be questioned. A gate provides no security to a house if the gap between the bars is large enough to drive an SUV through. Many highly effective exploits have been found against the very software and hardware that is designed to protect against those exploits. Attacks against anti-virus software are among the most common. If you can attack the guards, then you don't need to worry about being stealth.
With TMOS, F5 is very conscious of building and maintaining a secure and robust application delivery platform, and has implemented many different checks and counter-checks ensuring that TMOS provides the secure networking environment it was designed for. From providing security to the customer's application delivery network, through mandatory and routine checks against the stack source code to provide its own internal security, application delivery security starts with a secure application delivery controller.