3 Tips for Maintaining a High-Performing App Portfolio

Kara Sprague Miniature
Kara Sprague
Published April 21, 2021

Maintaining a healthy application portfolio is a like maintaining a healthy body. Both are subject to endless stresses and unanticipated conditions. Both require specific care, proactive maintenance, and targeted interventions. Over time, eating right and exercising regularly go a long way toward keeping your day-to-day running smoothly, and the same is true metaphorically for your apps. And the similarities don’t end there—a popular myth in both cases is that you can starve or sweat your way to sustained health.

It’s true that keeping your applications’ critical infrastructure current with updates, upgrades, and refreshes is a significant undertaking. But to thrive (and in many cases, survive) in our modern, digital world, it must become a top priority.

While there isn’t a magic pill to get your applications’ critical infrastructure to a healthier state, F5 is making investments to help customers keep their app portfolios flexible, agile, adaptive, and in peak condition—even as they age.

From this week’s Agility conference, I’m sharing some stories of customer journeys to application portfolio health and offering tips for maintaining a high-performing application portfolio.

App Portfolio Health Tip #1: Don’t "Sweat the Assets."

One F5 customer is a global provider of industry-leading digital solutions for manufacturers, resellers, and consumers. Years ago, this organization embarked on a transformation initiative to consolidate data centers and migrate applications to the cloud.

To free up resources for this, they opted to forgo refreshes and upgrades of the on-premises BIG-IP deployments supporting some critical customer-facing applications. This approach is commonly known as “sweating the assets.”

But as is often the case, the cloud migration took longer than anticipated. After years of sweating the assets, the health of the on-premises applications took a turn for the worse and once-routine tasks became increasingly difficult. Customer-facing apps slowed down and, in some cases, dropped connections entirely. Eventually, one critical application became unstable and suffered multiple disruptions. The customer was taking public hits from competitors about the reliability of their marquee offering and losing market share. Recovering the stability of that application became an executive team imperative.

F5 Customer Support was engaged to troubleshoot, but new failures kept occurring and the joint F5 and customer team remained stumped. (Think of this as putting off a visit to the doctor until it’s an emergency.) It didn’t help that the customer was running a version of BIG-IP software released in 2015—four major versions ago. Through intense triage, we were eventually able to successfully resolve the multiple causes of instability.

Once the critical application was stabilized, the customer moved quickly to remediate their entire 100+ instance BIG-IP deployment. They added capacity and migrated workloads off aging appliances and onto their VIPRIONs. They refreshed other workloads to a combination of iSeries and virtual edition instances, and they upgraded the entire BIG-IP deployment to v14.1. This combination of changes netted a 2x performance improvement, returned their critical applications to full support, and put their revenue-generating apps back on track.

The lesson here is don’t sweat the assets that support your most important assets—your applications. Not keeping up to date with the latest sustaining releases can leave you exposed to defects or vulnerabilities amidst an evolving security landscape. Our latest versions of BIG-IP TMOS—v14.1, v15.1, and soon v16.1—each include new features and capabilities to improve your application performance and security. Finally, ignoring critical product lifecycle milestones such as End-of-Software Development Support exposes you to lapses in supportability. Clearly this combination puts your app, your customers, and your company at risk.

App Portfolio Health Tip #2: Automate as Much as Possible.

Another customer, a large European bank, was struggling with velocity. It was spending vast amounts of time writing code to integrate various L4-7 capabilities, and lengthy toolchain upgrade cycles further compounded the problem.

After adopting the F5 Automation Toolchain, the bank created a self-service catalog for use across the organization. Each entity could create its own orchestration workflows including BIG-IP application security and delivery capabilities in as little as six minutes—a significant improvement over the weeks to months that such efforts had previously required.

Over the past two years, the bank has used this solution to deploy thousands of apps across on-premises and public cloud environments. The AS3 declarative interface, a core element of the F5 Automation Toolchain, also enables the bank to write significantly less code—an order of magnitude less—thereby shortening application infrastructure upgrade cycles.

Automation not only helps save time by eliminating redundant, manual processes, it also helps keep the overall application infrastructure more robust by providing guardrails around possible configurations—like building a meal plan or setting an exercise schedule to keep your overall health and wellness program on track. In addition, many customers view the agility they gain from automation as a key strategic differentiator that will pay dividends as businesses worldwide begin to consider post-pandemic scenarios.

Just as you might incrementally work your way toward running a marathon, you can start your automation journey one step at a time. This customer started small by automating tasks like configuration archiving for F5 WAF policies. It then moved on to service creation and management of pool members, and more recently graduated to automating full L7 services. And if you’re still not sure where to get started on your automation journey, F5’s Solutions Architects are at the ready to help you with an “Automate One Thing” workshop.

App Portfolio Health Tip #3: Enable Developer Self-Service.

Another customer, Maximus, is an outsourcing company that provides business process services to government entities. It was operating its app portfolio completely on-premises across multiple data centers, with heavy participation and dependencies from multiple teams to make changes and deploy apps. This volume of manual infrastructure provisioning across different internal groups created delays that ultimately became a drag on Maximus’ digital transformation ambitions.

Seeking greater business agility, Maximus migrated part of their app portfolio to AWS to provide a more agile way to scale, using BIG-IP Virtual Editions to provide consistent app delivery capabilities with their on-prem environment. They then implemented BIG-IQ to centrally manage their on-prem appliances and cloud-based Virtual Editions. The next step was to use Ansible to automate deployments and configuration changes, thereby reducing application deployment times from weeks down to minutes.

Maximus’ automation progress also prioritized the app developers themselves. It enabled developers to self-provision BIG-IP app security and delivery technologies using Cloud Formation Templates. Network and system engineers are now called only if something needs to be custom built or if app development teams need help troubleshooting. Said one happy Network Engineer, “[Developers] can have a device up and running in seconds. Before, it would take at least three teams, and at least two days, to get that device up and running.”

F5 offers multiple approaches to developer self-service, including BIG-IQ Service Catalogs and NGINX Controller. In the case of the former, NetOps and SecOps teams create templates and manage policy and access control via BIG-IQ, and developers access and populate these templates as part of a fully automated workflow using APIs and automation tools. In the case of the latter, NGINX Controller brokers the configuration changes to the app security and delivery capabilities provided by BIG-IP. This empowers developers and DevOps teams with the self-service capabilities they need to move fast, visibility through one management plane, and conformity with enterprise standards to reduce risk exposure.

* * *

These customer stories illustrate how making smart investments in your application infrastructure yields better business outcomes than sweating the assets, including:

  • Improving your TCO and application performance
  • Maintaining operational consistency across on-prem and public cloud environments
  • Future-proofing your traditional applications, leveraging the latest application security and delivery capabilities, newer protocols, and automation
  • Ensuring optimum quality and security in your application infrastructure
  • Reducing manual work and non-standard configs by automating provisioning and management
  • Empowering developers to get their work done with fewer dependencies and delays
  • Managing app security, policy, and compliance centrally while still enabling developers to use their tools of choice

Despite the clear long-term benefits, maintaining a balanced approach to fitness—and IT—is challenging. And more than likely, the road ahead may include a misstep or two. What matters though is progress, not perfection. Good decisions have a cumulative effect over time. Application portfolio health is about overcoming inertia, staying proactive, and looking forward—and it is a journey that F5 is committed and thrilled to be on with you.