LTM: Load balancing, SSL offloading, iRules, iApp,
Improvements to My Organization
LTM has been able to demonstrate an immediate return on investment, reducing the cost of server estate upgrades (both in terms of the numbers of required tin, reduced service impact through upgrades, server/website availability managed up to near 100% through redundancy management, improved human resource management (moving OOH work into daylight, reducing operational budget requirements)
Room for Improvement
LTM – the product is fine and all features that I have deployed have proven to be stable. TMOS release schedule is very dynamic. Major releases (9-10, 10-11) could have been made easier if configuration migration assistants had been more finessed prior to release.
Use of Solution
No major issues with deployment. Care must be taken with infrastructure deploys – close engagement is required with Network Support and Firewall Support areas, but once the platforms are stable, module deployment is very simple. As per my previous comment, moving from release to release can be complicated by things like bigpipe command deprecation (or removal: thank you v11!!), especially if a large iRule base has been developed on the modules.
At the module level, no. They are not as stable as System Z, but they are not far off. Hardware can be a little more susceptible to failure at the component level.
None. Appliance based options (physical and virtual), blended with Viprion/vCMP mean that these solutions have been able to scale to support enterprise class ADC offerings.
Customer Service and Technical Support
Customer Service: First class. F5 have demonstrated a willingness to support us through all issues, from architecture, deployment BAU support and high incidents. I can’t recommend them and their product offering highly enoughTechnical Support: Again, first class. It can sometimes be challenging to find even support partners with the requisite knowledge of the most cutting edge features, but only because F5 seem to develop at such a blistering rate.
No. F5 was a virgin solution to a point problem and quickly grew to a central position in the management of our enterprise infrastructure and digital tier by demonstrating quickly a value contribution made to our live service offering.
Straightforward and complex. Infrastructure setup on the boxes themselves was straightforward, although challenges in working with Network/Firewall departments made the exercise slightly more interesting. Basic LTM configuration OOB is very easy. IRules demand considerably more time and attention to develop properly.
In house, and I would rate their level of expertise as of the very best, since it was myself and a single colleague that built the entire infrastructure.
Significant and immediate.
Other Solutions Considered
Full analysis of the ADC space was undertaken, evaluating all competitors in the GMQ. All were discounted because of the vast distance between technologies and their capabilities. F5 was the clear and only choice for us.
Look to Enterprise Architecture before striking a key. These boxes are multiply capable, so allowing development through capability can lead to hugely complex deployments. There is (almost) nothing these boxes can’t do, including providing “tactical” solutions to application issues. Left unconstrained by a robust Architecture model, these boxes WILL grow like topsy, and the complexity of the solutions demanded by any business hungry for rapid delivery will grow into a box of fixes that only SME-level network/security/F5 technicians can manage on even a day-to-day basis. Make sure that the Enterprise Architecture model is strong and well-defined, and stick to it like glue.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Aug 17 2014