What is F5 BIG-IP?
In this article
The BIG-IP load balancer was first introduced to the market back in 1997, well over a decade before cloud computing would become mainstream; suffice to say, F5 has acquired battle-tested expertise honed over a quarter-century of building solutions for remediating overloaded servers and misallocated traffic. These days, F5's BIG-IP has expanded to an entire suite of hardware and software offerings that help organizations manage and control all facets of network traffic.
In this article, we'll explore F5 BIG-IP, highlight some of its features and benefits, as well as delve into the various software modules that comprise the BIG-IP Traffic Management Operating System (TMOS) platform/environment.
Known initially for its load balancing capabilities, the BIG-IP platform now belongs to a category of network devices called application delivery controllers (ADC). In contrast to traditional load balancers that simply distribute traffic across numerous servers, ADCs provide various services from OSI layers 4 to 7—including helping applications route user traffic across servers to manage and mitigate excess load.
On top of its load balancer and full proxy, F5 BIG-IP's suite of software and hardware offers a range of other features for controlling the traffic that passes an organization's networks and IT environments.
In a network context, full proxies are capable of maintaining two separate connections—one between itself and the client, and the other between itself and the destination server. BIG-IP delivers the only true full proxy on the market, allowing organizations to maintain two sets of connections for dynamic traffic augmentation on both sides of the BIG-IP device.
Organizations have full visibility and control (e.g., inspection, encryption/decryption) of all traffic that passes through the network.
The foundational component for all of F5 BIG-IP's hardware and software is F5's proprietary operating system TMOS: a specialized OS consisting of a separate kernel for processing packers in real-time, sitting adjacent to F5's enterprise CentOS derivative of Linux.
TMOS creates a virtual, centralized pool of highly scalable and modular/reusable services that adapt dynamically to the conditions of data centers, virtual environments, and/or cloud infrastructures. F5 BIG-IP modules are all enabled by TMOS in the software's provisioning section per the existing licensing.
F5 BIG-IP suite was designed to be as future-proof as possible; to this end, products/modules designed on top of TMOS can be extended through open APIs, from control plane to data plane. For example, the iControl API can be used in applications that cue TMOS-based devices to control traffic flow and enhance performance. The iControlREST API offers a REST-based API for imperative configuration and service control of BIG-IP via remote applications.
For a full list of BIG-IP APIs, please see F5's BIG-IP API documentation page.
F5 BIG-IP offers a broad software suite of licensed modules, some of which include the following:
- Local Traffic Manager (LTM): LTM provides intelligent traffic management and advanced application security, acceleration, and optimization
- DNS: DNS routes users to the optimal data center to streamline application performance, enabling organizations to keep their apps performant during periods of high use as well as distributed denial-of-service (DDoS) attacks
- Access Policy Manager (APM): APM secures, simplifies, and centralizes users access to applications
- Secure Gateway Service (SWG): Together with APM, SWG enables the creation and management of policies for managing web access and mitigating various cyber threats (e.g., web-based threats).
- Application Web Application Firewall (AWAF): AWAF allows for the deployment of web application firewall (WAF) services close to applications, effectively protecting the services where they reside
- Advanced Firewall Manager (AFM): AFM offers application protection against even the large-scale volumetric DDoS attacks
- Policy Enforcement Manager (PEM): PEM improves network performance via optimal policy management
- Carrier-grade NAT: A feature of LTM, BIG-IP's carrier-grade NAT helps organizations stay ahead of their IPv4 to IPv6 migrations
- Diameter Traffic Management: Diameter is a specialized protocol for authentication, authorization, and accounting (AAA) messaging services in network access and data mobility applications; BIG-IP's Diameter Traffic Management allows organizations to manage and scale Diameter signaling for their networks.
To learn more about the BIG-IP portfolio of traffic management software and hardware solutions, check out WWT's expansive coverage of F5's products and solutions—or better yet, contact us today to learn more about our services.