2023 BIG-IP Upgrade: Modernize Today to Secure Your Apps
Elevate Your Security Posture by Upgrading Your BIG-IP
BIG-IP’s newer software versions are inherently more secure and comprise innovative new security capabilities. Prioritize regularly upgrading your BIG-IP to mitigate harmful vulnerabilities and cyberthreats.
Why Should I Upgrade My BIG-IP—and What Version Should I Be Running?
Keep your software up to date to gain access to cutting-edge capabilities and minimize risk exposure. At a minimum, we recommend implementing BIG-IP v15.1 across your BIG-IP fleet, while the latest v17.0 release will reward you with protection against evolving threats and vulnerabilities.
Review the matrix below to determine whether you’re due for an upgrade and the reasons for doing so.
BIG-IP v11 & v12
Upgrade highly recommended - support has expired
Reasons to upgrade
- Access to patches for software bugs or vulnerabilities has expired
- Access to technical support has expired
- Inability to implement cutting-edge application and network protections
- Newer software versions are inherently more secure and higher quality
- Inability to use new BIG-IP capabilities (Automation Toolchain, Container Ingress Services, Telemetry Streaming, etc.)
BIG-IP v13 & v14
Upgrade recommended - support expiring soon
Reasons to upgrade
- Access to software patches for bugs or vulnerabilities expiring within 24 months
- Access to technical support expiring within 24 months
- Inability to implement cutting-edge application and network protections
- Newer software versions are inherently more secure and higher quality
BIG-IP v15, v16, & 17
Upgrade not yet necessary
Reasons to upgrade
- Upgrade to v17.0 for the latest and greatest BIG-IP capabilities
Recent BIG-IP Innovation
Comprehensive App Security
Protect against sophisticated app-layer threats including malicious bots, L7 DoS, API attacks, and OWASP Top 10 attacks.
Secure App Access
Enforce unified global access controls for users, devices, applications, and APIs to ensure secure, authorized access for both remote and internal employees.
Encrypted Traffic Visibility
Provide high performance decryption of inbound and outbound SSL/TLS traffic, enabling security inspections to expose threats and prevent attacks.
Automation
Automatically provision and configure BIG-IP with declarative APIs using the CI/CD and automation tools you’re familiar with.
Container Ingress
Optimize and secure your containers and microservices by extending BIG-IP application services.
Scalability and Performance
Optimize user experience and performance through full HTTP/2 proxy support, including native monitoring and session persistence.
Stay on Top of Your BIG-IP Asset Lifecycle
It’s vital to keep track of the key lifecycle dates for your BIG-IP assets—especially End of Software Development (EoSD) and End of Technical Support (EoTS) dates. After EoSD, you won’t be able to receive security patches or software fixes, and after EoTS, you won’t have access to the technical support you might need.
Key lifecycle dates for BIG-IP software versions ›
Key lifecycle dates for BIG-IP appliances ›
Note: Lifecycle information for BIG-IP Virtual Editions is aligned with the version of BIG-IP in use. For BIG-IP versions 11.6.x and 12.1.x, EoSD is May 2021 and EoTS is May 2022.
Upgrade Scenarios and Benefits
-
Why Upgrade BIG-IP VE to Run V15.1 and Up?
-
Why Refresh Your Appliances to F5 rSeries?
-
Why Refresh Your VIPRION Chassis to F5 VELOS?
Multi-cloud freedom
Deploy across a diverse array of supported cloud environments with consistent services and policies.
Cloud optimization and reduced TCO
Decrease operational costs in the cloud with significantly reduced image size, while leveraging accelerated boot procedures to reduce spin-up time and better accommodate dynamic, auto-scaling architectures.
Unrivaled performance
Take advantage of acceleration technology, including SR-IOV, advanced NIC adapters, and hardware offloading to deliver greater scalability and blazing-fast user experiences.
Cloud-native integration
Augment your cloud apps and environment using native security, automation, and telemetry solutions.
Federal-grade encryption
Achieve FIPS 140-2 Level 1, 2, and 3 compliance with an embedded software cryptographic module and integrations with physical HSMs.
Flexible consumption models
Choose from multiple licensing options that align to your preferred purchasing model, including perpetual, utility, subscription, and enterprise licensing agreements.
API-first platform scales for the future
F5’s next-generation appliance, rSeries, bridges the gap between traditional and modern infrastructures with a rearchitected, API-first platform designed to meet the needs of your entire application portfolio now, and into future.
Lower costs with a modern ADC design
F5 rSeries delivers the unprecedented level of performance and protection your critical applications and network deployments require. Designed on a new microservices-based platform layer and an API-first architecture, rSeries enables consolidation for lower costs and reduced TCO across your infrastructure.
Automation leads to rapid deployment
The F5 Automation Toolchain on the rSeries platform makes it easy for customers to deploy and configure F5 application services via simple, yet powerful declarative interfaces. With a fully automatable architecture, customers see lower staffing costs by increasing process efficiency and reducing time spent on manual tasks.
Increase application delivery and service velocity
The growth and complexity of app services and application attacks are challenging IT’s ability to manage application traffic, secure infrastructure, and meet the needs of customers. With F5 rSeries, a next-gen platform architecture with up to 100% performance growth, you can future-proof your application delivery infrastructure and increase service velocity.
Protect critical data with industry-leading SSL performance
A new revolution in the rSeries platform design balances performance, scalability, and security, enabling IT to offload SSL processing up to 3x overall and deploy comprehensive application delivery and security services anywhere.
Get unmatched performance with improved ROI
Achieve accelerated app performance and lower latency with more FPGAs and ECC ciphers.
Accomplish more with automation
Reduce deployment time from weeks to minutes with a fully automatable API-first architecture.
Future proof your infrastructure
Frictionless migration and flexible licensing for the Kubernetes-based hardware of the future.
Lower your TCO
Simplify and consolidate your existing infrastructure with significantly lower operating costs.
Carrier class reliability
Reduce risk with NEBS compliancy and redundant configurations and components.
Need Help Upgrading?
Upgrade the software on your BIG-IP appliances and VEs manually with these easy-to-follow step-by-step instructions, or learn how to automate your upgrades with BIG-IQ or Ansible in this DevCentral video.
If you need additional help planning and executing your upgrade, or performing post-upgrade verification and support, F5 Professional Services can provide expert assistance.
Streamline BIG-IP Instance Migrations with the F5 Journeys Migration Utility
Modernizing your BIG-IP infrastructure has never been easier. With the Journeys Migration Utility you can effortlessly modify existing BIG-IP configurations to be compatible with new physical or virtual BIG-IP instances, helping simplify and accelerate your migration experience.
Resources
JOURNEYS MIGRATION DEMO
Watch an example migration with the Journeys Migration Utility
