F5 MCP Server

45 tools. 26 can modify or destroy data without limits.

3 destructive tools with no built-in limits. Policy required.

Last updated:

26 can modify or destroy data
19 read-only
45 tools total

Community server · catalogue entry verified 03/07/2026

How to control F5 MCP Server ↓

What F5 MCP Server exposes to your agents

Read (19) Write / Execute (21) Destructive / Financial (3)
Critical Risk

The most dangerous F5 MCP Server tools

26 of F5 MCP Server's 45 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control F5 MCP Server

PolicyLayer is an MCP gateway — it sits between your AI agents and F5 MCP Server, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "delete_auth_user_tool": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "add_device_to_group_tool": {
    "limits": [
      {
        "counter": "add_device_to_group_tool_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "get_auth_user_tool": {
    "limits": [
      {
        "counter": "get_auth_user_tool_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register F5 MCP Server — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON F5 →

Instant setup, no code required.

All 45 F5 MCP Server tools

WRITE 19 tools
Write add_device_to_group_tool device group에 device(호스트명) 추가. Write add_management_route_tool management route 추가. syslog를 mgmt 포트로 보낼 때 목적지로 가는 경로가 필요하면 사용. network: default 또는 x.x.x.x/prefix. Write add_to_trust_tool 현재 연결된 장비(Primary)에서 피어 장비를 trust 도메인에 추가. REST API를 먼저 시도하고 403일 때만 TMSH 폴백. 반환: ok, method(REST|TMSH_fallbac Write apply_basic_settings_tool apply_basic_settings_tool Write apply_ha_tool apply_ha_tool Write apply_l4_standard_db_tool L4 표준 DB 설정 적용. Write apply_l4_standard_profiles_tool L4 표준 프로파일 생성. Write async_tool async_tool Write create_auth_user_tool auth user(계정) 생성. Write create_device_group_tool device group 생성. 기본: autoSync=enabled, saveOnAutoSync=True(Save on Automatic Sync), fullLoadOnSync=False(Incre Write create_tool 리소스 생성. resource_path 예: ltm/pool, net/vlan, net/self. object_type만 주면 ltm/object_type(기존 호환). url_body는 API 스 Write set_dns_tool DNS 서버 설정. Write set_hostname_tool F5 BIG-IP 호스트명 설정. hostname은 FQDN 형식으로만 장비에 전달됨(필수). 짧은 이름은 bigip2.localdomain 형태로 보정 후 전달. CM device name도 함께 Write set_ntp_tool NTP 서버 및 타임존 설정. Write set_syslog_tool Syslog 로그 레벨 및 설정 변경. Write tm_patch_tool TMOS API PATCH. path는 리소스까지 포함 (예: ltm/pool/~Common~my_pool). body는 변경할 속성만. Write tm_put_tool TMOS API PUT. path는 리소스까지 포함. body는 전체 속성 (교체). Write update_auth_user_tool auth user(계정) 수정. Write update_tool 리소스 수정. resource_path 예: ltm/pool, net/vlan. object_name은 리소스 이름.
READ 19 tools
Read get_auth_user_tool auth user(계정) 단일 조회. Read get_config_templates_tool 설정용 YAML 템플릿과 사용법 가이드 내용을 반환한다. 사용자가 'template 뽑아줘', '설정용 yaml 파일 전달해줘' 등으로 요청했을 때 호출하여 전달할 내용을 가져온다. Read get_dns_tool 현재 DNS 설정 조회. Read get_ha_status_tool HA(이중화) 상태 조회: cm device 목록, device group 목록, sync-status. Read get_hostname_tool 현재 호스트명 조회. Read get_l4_standard_db_state_tool L4 표준 DB 항목의 장비 현재값 조회. Read get_l4_standard_profiles_state_tool L4 표준 프로파일 5개의 장비 현재 설정 조회. Read get_management_routes_tool management route 목록 조회 (mgmt 포트 라우팅). syslog를 mgmt로 보낼 때 경로 확인용. Read get_ntp_tool 현재 NTP 설정 조회. Read get_one_tool 단일 리소스 조회. resource_path 예: ltm/pool, net/vlan, net/self. Read get_syslog_tool 현재 Syslog 설정 조회. Read health_check_tool 연결 상태 확인. Read list_auth_users_tool auth user(계정) 목록 조회. Read list_cm_devices_tool cm device 목록 조회 (hostname, configsyncIp, mirrorIp, failoverState 등). Read list_tool 리소스 목록 조회. resource_path 예: ltm/pool, net/vlan, net/self. object_type만 주면 ltm/object_type(기존 호환). Read show_logs_tool 시스템 로그 조회. Read show_stats_tool 리소스 통계 조회. resource_path 예: ltm/pool, net/vlan. object_type만 주면 ltm 하위로 처리(기존 호환). Read tm_api_reference_tool F5 iControl REST API 네임스페이스 요약. tm_get/post/patch/put/delete_tool 사용 시 path 참고용. Read tm_get_tool TMOS API GET. path는 tm 하위 경로 (예: ltm/pool, ltm/pool/~Common~my_pool, net/vlan, sys/syslog).

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about F5 MCP Server

Can an AI agent delete data through the F5 MCP Server MCP server? +

Yes. The F5 MCP Server server exposes 3 destructive tools including delete_auth_user_tool, delete_tool, tm_delete_tool. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through F5 MCP Server? +

The F5 MCP Server server has 19 write tools including add_device_to_group_tool, add_management_route_tool, add_to_trust_tool. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach F5 MCP Server.

How many tools does the F5 MCP Server MCP server expose? +

45 tools across 4 categories: Destructive, Execute, Read, Write. 19 are read-only. 26 can modify, create, or delete data.

How do I enforce a policy on F5 MCP Server? +

Register the F5 MCP Server MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every F5 MCP Server tool call.

Deterministic rules across all 45 F5 MCP Server tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

45 F5 MCP Server tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.