Bring the Cloud to Applications Running on BIG-IP TMOS

F5 BIG-IP is an immensely powerful tool, trusted by the largest enterprises around the world to deliver and secure critical public and private applications. It is the Application Delivery Controller (ADC) standard, offering power, versatility, and granular control to support a vast array of application use cases for our customers. With that power, however, comes complexity.

Managing application delivery on BIG-IP can rapidly become labor-intensive as the number of use cases and BIG-IP deployments increases. Many of our customers are looking for ways to ease this management complexity by bringing some of the simplicity and automation of the cloud into BIG-IP, but this is often not an easy task.

There are three key use cases that we hear customers asking for help with:

1. Building and maintaining an application DMZ: This security strategy allows organizations to mask the origins of applications, but building a DMZ typically requires investment in additional hardware and security solutions. Maintenance costs are amplified as the DMZ expands.
2. Centrally managing multiple point solutions, BIG-IP deployments, and environments: As the number of app deployment locations and tools increase, it becomes more difficult to understand application health and security posture in a single view. Organizations are forced to manage multiple consoles to get the big picture, and that complexity makes identifying threats more difficult.
3. Rapidly scaling to meet demand: Multiple hardware and point solutions make scaling up to meet demand that much more difficult. Licenses, hardware deployment times, and configuration management all add complexity, which increases management effort.

Simplifying this complexity requires a tool that can bridge BIG-IP and the cloud without forcing organizations to change where or how they deploy applications.

Enter Service Discovery, a new feature in F5 Distributed Cloud App Connect that brings the flexibility of the cloud to on-premises application deployments running on BIG-IP without changing app architectures.

Enabling Service Discovery starts with the F5 Distributed Cloud Customer Edge (CE). This software can be installed in any environment to extend Distributed Cloud Services to on-premises locations or private clouds. CEs can connect to each other—and to the F5 Global Network—to act as a secure network underlay, creating a unified control plane to abstract away multi-environment complexity. As long as a CE can connect to BIG-IP, Service Discovery will find and augment applications.

Service Discovery creates and continuously updates a catalog of apps running on BIG-IP deployments that are connected to Distributed Cloud Services. Once the catalog is created, customers can manage those apps through Distributed Cloud App Connect without making any changes to the applications.

With the BIG-IP to Distributed Cloud Services connection established through a CE, customers now have an easy way to solve those three critical use cases:

1. Application DMZ: Publishing applications on the F5 Global Network moves the DMZ outward, protecting origin servers without exposing them to the public internet or investing in more hardware. The Global Network operates as a global front door, protecting applications from large-scale attacks and offloading DMZ maintenance and management to F5.
2. Centralized management: Apps that are connected to Distributed Cloud Services can be managed and monitored using the Distributed Cloud Console. It provides key insights and visibility into apps deployed anywhere, including BIG-IP, with real-time application health metrics.
3. Rapid scaling: Through tool consolidation, organizations can reduce the amount of time it takes to scale by leveraging the cloud for new application deployments and optimizing their existing on-premises investments.