Forum Discussion

rezgui_180607
May 13, 2016

About the ASM module

Dear all, I have an F5 2200 LTM. I would like to know: if I activate the ASM module, by how many percent can it reduce the performance of the F5 LTM?

Who has some statistics about the consumption of the ASM module?


Best Regards

 

11 Replies

  • ASM can dramatically impact the performance. It's hard to nail down numbers because it has a lot to do with what you enable within ASM, what your web pages involve, and what your traffic is like. But on an 8950, I have seen the CPU drop from 100% to 20% during load testing (where we intentionally drove traffic until things broke) by turning off ASM.

     

  • The use of ASM module will not handicap performance of LTM module. What will be affected is the overall performance of your application (page load time). As a rule of thumb, expect at least 15% increase in page load times due to ASM security-checks. If you use poorly configured policies (i.e. apply 'All Signatures', and enable all blocking settings that some do), this performance loss will be greater.

     

    The 2200s appliance only has 8GB of memory, but with optimized configurations, you can pull off LTM + ASM in low-activity environments. To make a judgement call on whether you can provision ASM without taking great capacity risks, have a look at your performance graphs. What is your current CPU and memory usage during peak-activity hours?

     

    • Hannes_Rapp_162
      Another point: If you use ASM, send the request/blocking logs to an external Syslog server. Any kind of on-appliance logging should be avoided.
  • AFAIK, activating the ASM module itself won't add much, if any, load. The load increase will occur after you've built a policy and begin applying it to your VS's, and is also dependent upon the traffic level of those VS's. You can keep an eye on exactly how much ASM is adding under Security -> Reporting -> Application -> CPU Utilization. We are running BIG-IP 5000's and I have ASM enabled for over 200 VS's. ASM accounts for between 25-30% of CPU utilization. Total throughput on a single unit is between 350 Mb/s to 400 Mb/s currently.

     

    • John_Buchanan
      I'm not certain I understand your question. Are you asking at what point the load from the ASM module will decrease the appliance's SSL TPS offload performance? That would be a better question for F5 themselves, I think, but there would likely be an overall CPU usage threshold beyond which performance would begin to decline.