F5 BIG-IP Cloud Edition: What You Need to Know

F5’s BIG-IP Cloud Edition is now released and available to order. Since you already may have read the general overview from our press release last month, I will use this blog to drill into more detail on what Cloud Edition is, explain what it means for you, and make sure everyone is on the same page.

In a nutshell, BIG-IP Cloud Edition brings F5’s best-of-breed, virtual per-app application services together with massively enhanced centralized management, resulting in a solution that delivers the ultimate in deployment simplicity, manageability, analytics, and automation. Significant to note, BIG-IP Cloud Edition was designed to deliver BIG-IP application services on a per-app basis—meaning dedicated, right-sized, and scalable—with multiple licensing options based on your operational needs.

Basically, BIG-IP Cloud Edition reframes the now-false narrative that you need to choose between industry-leading app services and development agility. As it turns out, with BIG-IP Cloud Edition, you can choose both and address the growing pressures on IT of digital transformation. 

Sounds great! But how does it work?

BIG-IP Cloud Edition combines BIG-IP per-app virtual editions (VEs) and BIG-IQ Centralized Management 6.0.

Let’s begin with BIG-IP per-app VE. Designed to be deployed and managed on an individual app basis, per-app VEs offer advanced traffic management or application security services in 25 Mb and 200 Mb throughput options that fit a scale-out model. Because it is deployed on a per-app basis, the licenses are lower cost, the disk images are lighter weight, and deployment times are quicker—which all make meeting the needs of modern application development easier. 

Next, there is BIG-IQ. BIG-IQ is the hub for deploying, managing, and monitoring your application services, including providing a self-service catalog of application templates that define the network and security services each application requires. BIG-IQ enables automated deployment in seconds via GUI or Rest API calls and includes a role-based, simple to use application dashboard for visibility, analytics, and management tasks. BIG-IQ not only makes it easy to deploy an application without being an F5 or security expert, it also can trigger on-demand auto-scaling of per-app VEs as business needs change. 

A critical component of BIG-IQ is its support for fine-grained, role-based access control (RBAC). Integrated with your directory system, BIG-IQ’s support for RBAC means:

• App owners only see their applications and services they rely on. The app team can deploy services, monitor performance, and identify and resolve issues, all without engaging IT or interfering with other applications.
• NetOps can leverage pre-built app templates or create custom templates that app owners can deploy and monitor, including pre-approved security policies from SecOps that can improve consistency and compliance.
• SecOps teams can specify WAF policies – and be assured that they will be properly configured with every new application. The SecOps team also benefits from centralized automated security policy building and centralized security reports, alerts, and a security dashboard.
• NetOps teams can stay firmly in control of their network resources without being a bottleneck.
   

In short, with BIG-IP Cloud Edition, everything can be segmented to improve performance (positively impacting morale as well). And it’s all highly customizable to suit your specific needs.

The best part? Auto-scaling helps you avoid over-provisioning your app services capacity on day one. Based on your immediate needs, you can scale out per-app VEs for more capacity and scale in when conditions return to normal.

Got it! So, let’s boil it down. What benefits am I getting from Cloud Edition?

One of the biggest benefits of Cloud Edition is the per-app application architecture—especially from a security standpoint. In the previously linked blog, we compared your data center (and its hundreds of applications) to a barrel full of apples. One app(le) touches many others and those others touch many others, etc. If one of your apples is compromised, it can spread that infection to the other apples it’s touching, and on it will go until the entire barrel (your data center and all of your apps) is ruined.

Unfortunately, a corrupted application or group of applications is much harder to spot than a rotten apple and the spread of infection is much faster in a data center than a piece of fruit. But if every app were isolated in a per-app architecture, like with BIG-IP Cloud Edition, the damage is limited to just one app(le).

Several other key benefits include:

• Dedicated F5 application services to existing apps that may need isolated resources
• Consistent and lower-cost app services for your next tier of applications—wherever they are
• Self-service consumption of application resources and F5 app services, giving application developers and owners more autonomy and reducing the workload of NetOps teams
• Auto-scaling of F5 app services
• Per-app analytics that is now second to none

And that’s only the beginning. As new versions are released, more features and support for additional cloud-based environments will be added—offering more flexibility and agility for even more of your applications.

Stay tuned for the next blog in this series. We’ll be taking deeper dives into the features and benefits of BIG-IP Cloud Edition.