F5 BIG-IP BEST with IPI and Threat Campaigns (PAYG, 1Gbps)

I have multiple use cases for F5 BIG-IP Virtual Edition . One use case involves using it purely as a load balancer. I have multiple back-end pools that need to be exposed to the internet with the help of F5 BIG-IP Virtual Edition . Another use case involves F5 VPN, which uses Access Policy Manager on the BIG-IP side so customers can dial into their VPN profile to access the intranet where the company operates.

Within APM , we have different use cases. Some users want to connect with Active Directory credentials, some want to connect with single sign-on authentication, and some want to connect with multi-factor authentication. For authentication, users have to provide their RADIUS token as well as their Active Directory passwords. Beyond normal VPN users, we have use cases to use APM  as a portal access, which means instead of network access, we customize whatever application needs to be accessed by the end users. We can customize that application through the browser and users can access it as a portal. Additionally, I use F5 ASM , which is the advanced WAF , to mitigate vulnerabilities based on the applications we are using.

My favorite features of F5 BIG-IP Virtual Edition are SSL offloading and iRule. SSL offloading can also be seen in other competitors such as Radware and Citrix. However, iRule is something that allows us to control the traffic very granularly. We are able to customize how we want to control the traffic. I see a big advantage in F5 BIG-IP Virtual Edition's iRules.

F5 BIG-IP Virtual Edition provides granular control. F5 also provides a free license for one month. Even for an intern or an engineer who does not have lab resources in their environment, they can use this one-month free trial license. They can set up a lab and learn extensively. This helps us to upskill ourselves. Moreover, all solution documents are easily available on the F5 official site. It is very hard to find this information in other products such as Cloudflare  or Radware. They provide only the outline of what we are looking for, but they do not give detailed information on what it does and how it does. F5 BIG-IP Virtual Edition provides this information for free.

A downside of F5 BIG-IP Virtual Edition is that to capture TCP dump, in Palo Alto, we can do it within the UI itself. However, here, to capture the TCP dump, we need to log in into the CLI and be familiar with the commands. Sometimes the commands that we keep handy work, and sometimes they do not work. We have to look for the command again and prepare with the correct commands. Another issue is logs. Logs can sometimes be pretty hard to analyze to determine what causes the issue. For example, in some use cases, if we try to find out if the pool member is flapping, I would say the active pool member is also showing that it flaps for every second for some milliseconds. That is a significant downside.

I have been working with the solution for almost 10 years.

I have used Radware as an alternative. I used Radware WAF  as well as Radware load balancer. Comparatively, I find F5 BIG-IP Virtual Edition more effective in both the WAF as well as the LTMs.

If I were to choose one solution, I would really go for F5 BIG-IP Virtual Edition. I would rate this solution an 8.5 out of 10.

My main use case for F5 BIG-IP Virtual Edition  is that I used it for LTM, ASM, and GTM modules. I used F5 LTM to load balance customer application traffic, and I used ASM to protect and safeguard customer applications from various cyber threats, attacks, and day-to-day emerging vulnerabilities. We also had DNS and Global Traffic Manager services for multiple client applications, so I have hands-on experience with all these technologies of F5 BIG-IP Virtual Edition  including LTM, GTM, and ASM.

In my previous organization, we had a data center virtualized environment using VMware ESXi  hosts. We had bare metal ESXi hosts where we installed VMware vSphere  and NSX virtualization software. To perform customer application load balancing and enable application security, we installed F5 BIG-IP Virtual Edition VMs, which can protect the application from various cyber attacks and perform seamless application load balancing for traffic sharing between application nodes. We purchased licenses for VMs based on the requirement of LTM, GTM, and various security features and deployed the VMs on VMware vSphere  and the VMware NSX  environment. I also had work experience deploying F5 BIG-IP Virtual Edition in public clouds such as GCP and OCI  from the marketplace images, enabling seamless network connectivity and performance for customer applications via F5 BIG-IP Virtual Edition VMs.

With the specific use case of load balancing and protecting against various threats, I use F5 LTM to perform load balancing for major production applications. One of our customers had only a single application server serving all application traffic of the entire production application and reported a performance issue. Following the management architecture review of the application, they identified the need for enabling load sharing for the application. We suggested implementing F5 LTM load balancer, which could provide load sharing between multiple application nodes. We recommended hosting the application on multiple servers instead of a single server, configured it via F5 LTM, and ultimately load balanced the application traffic for three additional nodes. The client achieved seamless traffic load balancing between the multiple application nodes, and the application performance increased, eliminating the slowness issue. In terms of LTM features, we can offload SSL certificates on LTM, conduct SSL encryption and decryption, and implement numerous traffic redirection rules, multiple LTM policies, and iRules that affect application traffic. Regarding ASM, we have used it to protect client applications from DDoS attacks, major OWASP Top 10 attacks, SQL injection attacks, script injection attacks, and many botnet attacks. For instance, one of our clients experienced a DDoS attack on a major live application, and we enabled ASM policies with DDoS protection, setting TPS count values based on geolocation IPs. Using those DDoS protection policies, we prevented many DDoS attacks. The WAF  ASM signature has helped us mitigate various cyber threats for clients, utilizing automated policy learning and traffic learning to avoid manual intervention in creating and hardening security rules.

F5 BIG-IP Virtual Edition includes strong application delivery and load balancing without needing to purchase separate devices for LTM, ASM, and GTM, as all modules are available on a single device. The solution is reliable for hosting applications and performing load balancing and acts as a reverse proxy, providing unified public access for multiple applications. Additionally, the cost advantages compared to physical appliances are notable since pricing for physical appliances is significantly higher than for F5 BIG-IP Virtual Edition. Therefore, for enterprise clients, F5 BIG-IP Virtual Edition is much more cost-effective and provides cost savings.

Moreover, F5 LTM has many reliable security features, including DDoS capabilities, DDoS protection, bot protection, IP reputation, and threat intelligence. These are key features available in F5 ASM  to protect customer applications. F5 LTM, GTM, and F5 products enhance customer application experiences and F5 BIG-IP Virtual Edition supports deployment across various platforms in public clouds including AWS , Azure , VMware, KVM , and other hypervisors. These are major positive features of F5 BIG-IP Virtual Edition.

Since we implemented F5 BIG-IP Virtual Edition, we have experienced better application performance and lower costs compared to hardware appliances, along with flexibility in deploying F5 BIG-IP Virtual Edition across multiple hybrid clouds. The solution provides a stronger security posture, operational efficiency, and automation facilitating deployment in automated modes. It integrates with various orchestration tools and SIEM  tools, offering centralized management via BIG-IQ, and reduces server load and application load by cutting down on SSL encryption, decryption, and security analyses performed by different security tools and servers. This has led to a reduction in server count by up to 60 percent for improved application performance and SSL offloading.

The improvement points I can suggest are that F5 BIG-IP Virtual Edition tends to be highly resource-intensive, as we often encounter issues with high CPU, RAM, and storage utilization, particularly with ASM and LTM modules. Moreover, the licensing and pricing can be complex, and the pricing seems higher compared to other products. Certain virtual editions come with NIC limitations, permitting only two NICs for some VMs, and there are performance concerns when compared to hardware appliances, especially with high loads running on multiple modules simultaneously. Additionally, the device's GUI is not user-friendly, requiring admins to undergo significant training to begin administering F5 BIG-IP Virtual Edition, as it appears outdated. I would suggest considering pricing reductions, improving performance and resource consumption, and making the GUI more user-friendly.

I have been using F5 BIG-IP Virtual Edition for nearly six years.

Apart from issues with high CPU and memory utilization and resource consumption, F5 BIG-IP Virtual Edition is stable.

F5 BIG-IP Virtual Edition scalability is satisfactory as we can add necessary CPU and memory resources when needed, purchase new licenses, and add required features to scale the devices deployed on F5 BIG-IP Virtual Edition.

We receive prompt customer support from the technical assistance center. However, we have experienced delays in support during non-business hours on weekends. For business hours and critical cases, prompt support is consistently provided.

Previously, we utilized VMware NSX  cloud-native AVI load balancers and Array load balancers, but both of those had limited features compared to F5 BIG-IP Virtual Edition load balancer and ASM. The existing solutions did not meet our feature requirements or customer demands, which is why we switched to F5 BIG-IP Virtual Edition.

In terms of return on investment, we have seen significant improvement in application performance after deploying F5 BIG-IP Virtual Edition. This enhancement has led to better user experiences and attracted more business or application traffic, contributing to organizational growth.

My experience with pricing, setup cost, and licensing has been generally good, although it is managed by an account manager. While I encountered scenarios where the pricing was higher compared to other products, the overall experience was satisfactory, with proper support from the account and sales team during the procurement of new VMs.

We evaluated VMware AVI load balancer, WAF , and FortiWeb WAF before choosing F5 BIG-IP Virtual Edition.

I would advise others looking into using F5 BIG-IP Virtual Edition to consider it based on their application architecture. If an application requires better performance, security postures, and reliable delivery, I would recommend using F5 BIG-IP Virtual Edition. I am satisfied with F5 BIG-IP Virtual Edition and have no further additional thoughts on it. I would rate this product a 6 out of 10.

My main use case for F5 BIG-IP Virtual Edition  is typically using F5 LTM and GTM, where LTM is for local traffic management and GTM handles different data load balancing. We have two data centers in two different locations, and through BIG-IP GTM, we perform cross-data-center load balancing. In each data center, we have to do unit management, and in total, we have over 100 units, with 60 being virtual editions.

For day-to-day tasks, whatever is operationally needed, F5 BIG-IP Virtual Edition  is definitely helping us a lot to keep applications available at all times.

The best features F5 BIG-IP Virtual Edition offers include iRule, which is the most important feature of F5 LTM. If a feature is directly not available in F5, we can achieve that using iRule, such as logging, redirection, HTTP to HTTPS blocking, and redirection at URI level or content level. These features are exceptional and even persistence-related features help us a lot in day-to-day tasks.

I find the customization feature of F5 BIG-IP Virtual Edition particularly useful, along with many other features such as Health Monitor, which we can use to monitor health. If something is not allowed and the application team wants us to blacklist some IPs, we can set up policy region-based controls and achieve that. These are great features of F5.

F5 BIG-IP Virtual Edition has positively impacted my organization by simplifying management, as we previously had to manage hardware boxes. Now with the virtual edition, it is easy to use and reliable. We do not find any issues; we have been working with it for the last three to four years and not a single issue has been reported, making it a very reliable and stable product.

I do not wish for any improvements in F5 BIG-IP Virtual Edition; everything looks good for me. If anything is needed, we raise a ticket, and they take our feedback seriously.

I have been using F5 BIG-IP Virtual Edition for three years, and I am using F5 LTM virtual edition, which is a great product.

F5 BIG-IP Virtual Edition is indeed very stable.

The customer support for F5 BIG-IP Virtual Edition is good; we get immediate responses based on priority.

In this organization, from the beginning, we have been using F5 LTM, but in my previous organization, I used Radware, and I found that F5 LTM edition is a more stable product.

Since moving to F5 BIG-IP Virtual Edition, we are getting a license directly from F5 and have deployed it over our VM, resulting in cost and time savings. Earlier, if hardware was faulty, we had to replace it, but now we simply run our OS over the VM, making it a great product.

My experience with pricing and setup costs for F5 BIG-IP Virtual Edition was mixed, as they do not have an option for 10 gig licensing, which was costly for us. If they could also provide 5 gig and 6 gig licenses, that would be better.

Before choosing F5 BIG-IP Virtual Edition, I did not evaluate other options, as the decision completely came from the sales team. They asked for feedback, and since the feedback was great, I am not completely aware of the commercial part, but for us, it is serving our purpose with no issues.

A specific scenario where F5 BIG-IP Virtual Edition helped solve a challenge for me is its ability to achieve high availability and make applications always available. It provides application-level availability, monitoring the health of applications. We even have the option to check the content and actual application status, allowing us to monitor the response code, which are great features of F5 LTM, making my work easier.

My advice to others looking into using F5 BIG-IP Virtual Edition is that it is a reliable and stable product; they can definitely go for F5 LTM.

My main use case for F5 BIG-IP Virtual Edition  is to manage a lot of implementations across many sites. I have implemented it as LTM for local traffic management or application delivery control. I have multiple services on multiple servers and need to load balance between these servers.

After that, I have also implemented it as ASM, another module, application security manager, which acts as a WAF  solution for these services.

The modules LTM and ASM help my organization day-to-day by increasing performance and balancing loads across multiple servers to help our customers. I need a very good load balancer because I have multiple services and servers providing a single service. Additionally, ASM secures these services as a WAF  solution.

I have published my services to the internet to allow customers to browse our services and websites, so I need a very good WAF solution that is always updated and capable of stopping complex attacks. F5 BIG-IP Virtual Edition  provides these solutions, particularly with ASM and Advanced WAF, which have a lot of features and licenses. I first deployed F5 BIG-IP Virtual Edition as a virtual edition alongside LTM and ASM.

In my experience, the best features F5 BIG-IP Virtual Edition offers include stability and credential stuffing protection, along with a full proxy for layer seven, allowing it to load balance till layer seven and on any port. This versatility is very good compared to FortiWeb, which only supports HTTP and HTTPS, making F5 BIG-IP Virtual Edition a superior product for load balancing and WAF solutions.

My experience with the credential stuffing protection feature has been positive. It provides updates about username and password exposure on the darknet and deep web, alerting me when credentials are found outside my organization, which is a crucial function. I feel I can rely on F5, a big vendor, for security. Additionally, the load balancer's ability to load balance till layer seven on all ports is impressive.

F5 BIG-IP Virtual Edition positively impacts my organization by increasing performance, allowing users to access my servers, and facilitating my publishing to those servers. I enjoy secure and high-performance web services for my customers, which is my main use case to protect my websites while allowing users to access them securely. Since implementing F5 BIG-IP Virtual Edition, I have noticed fewer security incidents, improved uptime, and measurable changes in speed and customer satisfaction.

I believe that F5 BIG-IP Virtual Edition, whether virtual or hardware, needs improvement in the logging module. There are many issues, and accessing the CLI to remove older logs to see new ones is cumbersome. I have mentioned this multiple times and opened support tickets, hoping it can be resolved in future versions.

I have been using F5 BIG-IP Virtual Edition for one year.

F5 BIG-IP Virtual Edition is stable.

F5 BIG-IP Virtual Edition's scalability is good but needs improvement.

The customer support from F5 is very professional. I would rate the customer support a nine on a scale of one to ten.

Before F5 BIG-IP Virtual Edition, I used FortiWeb, but I switched to F5 BIG-IP Virtual Edition because FortiWeb only supported load balancing for HTTP and HTTPS.

The initial setup and configuration of F5 BIG-IP Virtual Edition are very good. F5 BIG-IP Virtual Edition has a great GUI and concept; everyone in the IT field first learns about load balancing through F5 BIG-IP Virtual Edition. Most of my team holds certifications for F5 implementations.

I handle updates and patch management for F5 BIG-IP Virtual Edition by reaching out to support, downloading the ISO file, then uploading it to F5 BIG-IP Virtual Edition and upgrading it using this ISO. It is a simple process.

I have seen a return on investment with F5 BIG-IP Virtual Edition, as it secures my organization with WAF solutions against web attacks while enabling me to publish and load balance multiple servers with a single VIP.

The setup cost for F5 BIG-IP Virtual Edition is reasonable, as my team is certified and skilled in implementations. However, the software or product itself is on the higher cost side, but I see a good return on investment for this product.

Before choosing F5 BIG-IP Virtual Edition, I evaluated other options, specifically FortiWeb.

F5 BIG-IP Virtual Edition has integrated with my existing security tools by sending logs and flows from F5 BIG-IP Virtual Edition to IBM QRadar  as syslog and NetFlow.

F5 BIG-IP Virtual Edition handles high availability and failover in my environment with two units in active standby. I create a device group where one unit is active and the other is secondary. After configuring the active unit, I push the configurations to the secondary unit, so when maintenance is needed or if the active VM goes down, the passive unit quickly becomes active, handling all traffic for my customers.

My advice for others looking into using F5 BIG-IP Virtual Edition is to implement it in a well-structured manner; having a detailed design before implementation will be very useful. For example, creating internal and external VLANs can help in future expansions. I would rate this product a ten on a scale of one to ten.

My main use case for F5 BIG-IP Virtual Edition  is for LTM and GTM. For LTM, I use it for load balancing, and GTM is for global load balancing, which functions as intelligent DNS.

Let's suppose we have one application abc.com. We create an alias on abc.gslb.com and forward that traffic to a CNAME, which in turn forwards the traffic to the GTM. The GTM does the load balancing between the data centers. Sometimes it is active-active, and sometimes it is an active-standby setup similar to DCDR, depending on the requirement and application team requests. After that, if there is a disaster at some data center, such as power issues, the standby data center will serve that purpose. This really increases our availability and performance of the application, and we are receiving fewer complaints, almost none.

My use case is known mainly for the GTM and LTM.

The best feature of F5 BIG-IP Virtual Edition  is SSL offloading. There are different methods to deploy an application at Layer 2 and Layer 3 setup. Based on the requirement, we do that, so it is a complete ADC  application delivery control, providing all the solutions that the application team needs.

A particular feature I need in F5 BIG-IP Virtual Edition is iRule redirection. If they need SSL offloading or pass-through, or bridging, all kinds of solutions are available. Based on the requirement, we can fulfill those needs, even with GTM topology, which can be active-active or active-standby. In load balancing, there are different methods, so ratios and all can be easily configured as per the requirement. It works as a full proxy architecture, so it has the full capability to understand the request and response.

Another feature of F5 BIG-IP Virtual Edition that stands out to me is that it is template-based. For rapid deployment, if we need to create hundreds or thousands of VIPs at the same time, we can use iApp and scripting to do that easily. These are the major features, and for automation, we can easily manage that through F5 BIG-IP Virtual Edition.

F5 BIG-IP Virtual Edition has positively impacted my organization. Without LTM, there is a single point of failure. Since we have LTM, we are protecting our application. Previously we faced DoS attacks, and through iRule, we blocked those IPs. This iRule is a great feature, and now with our LTM, we are not exposing our actual server on the internet. Instead, we are exposing our VIP IP, providing security and scalability. We have the flexibility to add or remove servers as needed.

Regarding specific metrics or outcomes, earlier if one of the servers went down, there was a significant impact. Since F5 BIG-IP Virtual Edition is a smart device, it can monitor the services and applications irrespective of the port, checking whether the application is available or not. It is significantly reducing downtime. If any server is causing an issue, such as if the service is running but the internal application has crashed, F5 BIG-IP Virtual Edition will mark that server as down and will not send traffic to it. This increases performance and availability, building trust with clients, which directly translates into revenue. If there is reputational loss, we can lose money as well for the organization. We send our solutions to other vendors and recommend F5 BIG-IP Virtual Edition as a great product that everyone should need.

Improvements for F5 BIG-IP Virtual Edition should include training for newcomers. If they are not aware, it can be beneficial for them to learn. In authentication, there is currently a single method to add a single IP. Adding a fallback IP would also help. I am not sure if that feature will be included in the upcoming version, but I am still using an older version where that feature is not available.

I have been using F5 BIG-IP Virtual Edition for approximately five years, and I have been working on F5 BIG-IP Virtual Edition LTM virtual editions.

My advice to others looking into using F5 BIG-IP Virtual Edition is to definitely go with the full potential of F5 BIG-IP Virtual Edition LTM. It is a great product that will make your life easier and reduce costs. They provide great support, and the TAC team is there whenever needed. You can log a case and they will help.