BIG-IP: NEW LEVELS OF SCALE AND SECURITY

January 2013

2© F5 Networks, Inc.

F5 Introduces…

• New Physical and Virtual Application Delivery Controller (ADC) Offerings • F5 continues to execute on platform refresh strategy, including industry’s most powerful

ADC, enhanced BIG-IP Virtual Solutions, and entry level ADCs.

• New Application Delivery Firewall Solution• Seamlessly combines industry-leading traffic management, access, and firewall

capabilities within an intelligent services framework.

• Enhancements to BIG-IP Access Policy Manager• Improved single sign-on (SSO) capabilities for web-based, VDI, and client/server,

through support for SAML 2.0.

• Enhancements to BIG-IP Application Security Manager• Support for apps written with the Google Web Toolkit enhances security teams’ ability

to enforce application security policies.

3© F5 Networks, Inc.

Customer Challenges

Webification of apps Device proliferation

Evolving security threats Shifting perimeter

71% of Internet experts predict most people will do work via web or mobile by 2020.

95% of workers use at least one personal device for work.

130 million enterprise customers will use mobile apps by 2014.

58% of all e-theft tied to activist groups.

81% of breaches involved hacking.

80% of new apps will target the cloud.

72% of IT leaders have or will move applications to the cloud.

4© F5 Networks, Inc.

New Lineup of BIG-IP ADC Platforms

Broad hypervisor support for advanced ADC in private and public clouds

Complete range of NEW platforms from entry-level to the highest performing ADC

Cloud-ready ADC – Delivering flexibility with ScaleN

Executive Summary

High scale and performance to secure the most demanding data centers

Full-proxy firewall for outstanding security

Simplification by consolidating security, networking, and application delivery

Application Delivery Firewall

5© F5 Networks, Inc.

Complete range of BIG-IP platforms, from entry-level to the highest performing ADC

BIG-IP VEUp to 3Gbps

BIG-IP 10200v2M L7 RPS

BIG-IP 2000s212K L7 RPS

BIG-IP 2200s425K L7 RPS

VIPRION 480020M L7 RPS

BIG-IP 4000 Series850K L7 RPS

Purpose Built and Carrier Grade Reliability

Cloud ready - Unmatched flexibility with F5’s ScaleN technology

Broad hypervisor support for advanced ADC capabilities in private and public clouds

NEW ScaleN-Enabled BIG-IP Platforms

6© F5 Networks, Inc.

Amazon AWS

Citrix XenServer

Microsoft Hyper-V

KVM

VMware vSphere

Flexible Virtual Environment and Cloud Deployment Options

3Gbps

Unmatched flexibility across all major virtualization platforms.

Performance

Private Public

7© F5 Networks, Inc.

F5’s ScaleN Technology

Elastic, App-Aware, and Multi-Tenant Infrastructure

• Eliminate costly over-provisioning

• Improve resource utilization• Consolidate with shared infrastructure

On-Demand Scaling Horizontal Clustering Virtualization

Industry's only all-active scaling platform handling app-level failover

Robust multi-tenant scaling with runtime isolation for versions and modules

Extend current infrastructure capacity without additional devices

All-Active

App-Level Control

TMOS TMOS TMOS TMOS

Virtualization Partitions

8© F5 Networks, Inc.

Introducing the F5 Application Delivery Firewall (ADF)Bringing deep application fluency to firewall security

One platform

SSL inspection

Traffic management

DNS security

Access control

Applicationsecurity

Networkfirewall

EAL2+EAL4+ (in process)

DDoS mitigation

9© F5 Networks, Inc.

“Next Generation” Firewall

• Outbound USER inspection• Who is doing what?• “Trusted” users to Internet• App Awareness: Broad but shallow

Corporate

(users)

Application Delivery Firewall

Data center

(servers)

• Inbound APPLICATION protection• Application delivery focus• “Untrusted” users to data center• App Awareness: Specific but deep

A Firewall Built for the Data Center

10© F5 Networks, Inc.

F5’s Application Delivery Firewall Solution

iRules extensibility everywhere

Products

Advanced Firewall Manager

• Stateful full-proxy firewall

• Flexible logging and reporting

• Native TCP, SSL and HTTP proxies

• Network and Session anti-DDoS

Access Policy Manager

• Dynamic, identity-based access control

• Simplified authentication infrastructure

• Endpoint security, secure remote access

Local Traffic Manager

• #1 application delivery controller

• Application fluency

• App-specific health monitoring

Application Security Manager

• Leading web application firewall

• PCI compliance

• Virtual patching for vulnerabilities

• HTTP anti-DDoS

• IP protection

Global Traffic Manager & DNSSEC

• Huge scale DNS solution

• Global server load balancing

• Signed DNS responses

• Offload DNS crypto

IP Intelligence

• Context-aware security

• IP address categorization

• IP address geolocation

SSL inspection

Traffic management

DNS security

Access control

Applicationsecurity

Networkfirewall

DDoS mitigation

11© F5 Networks, Inc.

Comparing F5’s Performance and ScalabilityThroughput Connections per second

Sessions Footprint

F5 (VIPRION 4800)

Juniper (SRX 5800)

Cisco (ASA 5585-X)

Check Point (61000)

F5(VIPRION 4800)

Juniper (SRX 5800)

Cisco (ASA 5585-X)

Check Point (61000)

0

100

200

300

400

500

600

700

Gb

ps

0

200

400

Mil

lio

ns

0

2

4

6

8

Mil

lio

ns

Ra

ck

un

its

0

100

200

4x21x

17x14x

F5 (VIPRION 4800)

Juniper (SRX 5800)

Cisco (ASA 5585-X)

Check Point (61000)

F5(VIPRION 4800)

Juniper (SRX 5800)

Cisco (ASA 5585-X)

Check Point (61000)

12© F5 Networks, Inc.

F5’s ADF: Application-Oriented Policies and Reports

13© F5 Networks, Inc.

devcentral.f5.com

facebook.com/f5networksinc

linkedin.com/companies/f5-networks

twitter.com/f5networks

youtube.com/f5networksinc