We are using it for web application firewall and load balancing features. We have its latest version.
Network & Telecom Manager at a retailer with 1,001-5,000 employees
A stable solution with useful web application firewall and load balancing features
Pros and Cons
- "It is stable."
- "Its scalability and deployment should be better. It should be more scalable, and it should be easier to deploy."
What is our primary use case?
What is most valuable?
It is stable.
What needs improvement?
Its scalability and deployment should be better. It should be more scalable, and it should be easier to deploy.
For how long have I used the solution?
I have been using this solution for a couple of months.
Buyer's Guide
F5 BIG-IP Local Traffic Manager (LTM)
December 2024
Learn what your peers think about F5 BIG-IP Local Traffic Manager (LTM). Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
What do I think about the stability of the solution?
It is stable.
What do I think about the scalability of the solution?
It is not scalable. We have about 2,000 users in our organization.
How are customer service and support?
I don't have any experience with their technical support.
Which solution did I use previously and why did I switch?
We didn't use any other product.
How was the initial setup?
It is neither easy nor complex. It needs experience. Fortinet is easier to deploy than this.
What about the implementation team?
I did it myself. We have an IT team of 60 people.
What other advice do I have?
I would recommend this solution. We plan to keep using it.
I would rate F5 BIG-IP an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security Professional Services at a comms service provider with 51-200 employees
Stable and easy to set up with good anti-bot protection
Pros and Cons
- "We always use technical support and the team helps us very well. They're able to effectively find and fix issues and they respond very quickly."
- "The web interface could be better."
What is most valuable?
The anti-bot protection is very good. They are able to see bots from their system quite well. It has helped our customers to filter real traffic from fake and allows the real traffic to access the application. With the profile provided, you can block many new scans and scripts that are constantly generating traffic to their web service.
What needs improvement?
When you create an autofile, its profile takes a long time to generate the view in the VIP. That is probably due to the performance of the device, however, when you load a specific profile, the browser takes more than one minute to show the information.
The web interface could be better.
The solution should allow for the creation of custom signatures. Right now, I see that can be a little bit complicated to create new or personal signatures in the VIP.
The way that policies are created should make it easier to maintain the solution.
The product needs to implement some kind of artificial intelligence or machine learning that can start to generate fewer false positive requests. We tend to have a lot of false positives. The policy should be created in such a way as to help lower false positives.
There should be better reporting. Our customers ask us for reports quite often. It would be ideal if the solution itself was able to generate various types of reports for them instead.
For how long have I used the solution?
I've been working with the solution since 2014.
What do I think about the stability of the solution?
This year, we had a couple of issues. We found some bugs in version 15. They are very good, however, at finding the issue and generating a hotfix quickly so that we can apply the hotfix to the device. In the general, I would say that version 15 has been very stable overall.
What do I think about the scalability of the solution?
Whether you can scale easily or not depends on the device and the sizing. For example, if you have an E 2000 or I 4000, you might have a lot of traffic and the device cannot handle it very well. Scalability with the performance was the one issue that affected us this year.
Most of the customers that we have are enterprises. They are banking and insurance customers. They're quite large, which is why we need the scalability that we do.
How are customer service and technical support?
We always use technical support and the team helps us very well. They're able to effectively find and fix issues and they respond very quickly. We're quite satisfied with their level of service overall.
Which solution did I use previously and why did I switch?
We also work with Palo Alto firewalls. I've worked with Check Point as well.
How was the initial setup?
The initial setup is not too complex. It's pretty straightforward.
It's straightforward to create a new policy or a new postulate or a new deployment. It takes a couple of minutes to create a new deployment and it's rather easy to do so.
What other advice do I have?
We're a reseller for Enterprise companies such as Banking and Retail.
I'd advise that if a customer wants to implement this product, that they find a partner they can have a strong relationship with. The partner needs to be able to effectively implement the product and train your staff on the proper usage. That is, of course, if the client wants to manage it themselves in the long run.
Overall, I would rate the solution eight out of ten. If they could improve their web interface, generate reports, and have all the configuration on a single page on the platform, I'd rank it a bit higher.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Buyer's Guide
F5 BIG-IP Local Traffic Manager (LTM)
December 2024
Learn what your peers think about F5 BIG-IP Local Traffic Manager (LTM). Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
Associate Manager - IT Operations at Collabera
A stable solution for application delivery control
Pros and Cons
- "The license terms for "non-commercial" will be a challenge for us."
- "The license terms for "non-commercial" will are challenging for us."
What is our primary use case?
Our primary use case is for ADC (Application Delivery Controller) and SSL VPN prospectively worked for the PoC.
How has it helped my organization?
This solution is very good and the product stability is excellent.
It has very good production for SMB protocol.
What is most valuable?
What needs improvement?
The license terms for "non-commercial" are challenging for us.
For how long have I used the solution?
Trial/evaluations only.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Architect - Cloud Serviced at a comms service provider with 10,001+ employees
The product was designed to allow newbies to configure it, and it is properly documented.
Pros and Cons
- "We are fond of the load balancing feature for DNS and servers."
- "The v11 clustering is a new technology they have brought in that does not require improvement. They are the leader in it."
- "Bugs are the part of program and they are fixed with every release, as with any vendor."
- "Initial setup is tricky, if you do not understand the design of this product."
What is our primary use case?
This product has helped us build robust solutions for what my company does.
How has it helped my organization?
We are fond of the load balancing feature for DNS and servers. Also, these can help you natting/hiding the real IP.
What is most valuable?
I have been working on the LTM and GTM lines. Both of the products are awesome. I would consider the Wide IP and ZoneRunner features of GTM extremely useful.
For the overall product, I would say provisioning is a good feature. There are other modules, which are good and people might want to try, such as APM and ASM. They are used for firewall and SSL VPN.
What needs improvement?
The only area that has room for improvement would be pricing.
Other than that, the v11 clustering is a new technology they have brought in that does not require improvement. They are the leader in the space.
For how long have I used the solution?
Three to five years.
What do I think about the stability of the solution?
We did not find any stability issues while working on it.
Bugs are part of any solution and they are fixed with every release, as with any vendor.
What do I think about the scalability of the solution?
I have not encountered any scalability issues.
How are customer service and technical support?
Customer Service:
We used to work with support three years back and it was not that great then. Hopefully, the situation has now improved.
Technical Support:
We did not require much technical support, as the product has good documentation. However, the experience with support as compared to other vendors was not excellent, but usable.
Which solution did I use previously and why did I switch?
Regarding load balancing, this was our first product.
How was the initial setup?
If you do not understand the design of this product, initial setup is tricky. If you do understand it, initial setup is straightforward.
What about the implementation team?
This was implemented by an in-house team.
What was our ROI?
With the new pricing model, ROI was low, hence we switched.
What's my experience with pricing, setup cost, and licensing?
This product is costly from a licensing perspective considering its competitors. This is why it lost a rating point from me.
If your IT budget can support it, go for it.
What other advice do I have?
Attend a training class before trying to deploy it, or at least refer to online videos on their portal, as this will make it fairly easy for you.
It is one of the best and easiest load balancing solutions. The product was designed to allow newbies to configure it, and it is properly documented.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Security Specialist with 1,001-5,000 employees
These boxes are multiply capable, so allowing development through capability can lead to hugely complex deployments.
What is most valuable?
LTM: Load balancing, SSL offloading, iRules, iApp,
How has it helped my organization?
LTM has been able to demonstrate an immediate return on investment, reducing the cost of server estate upgrades (both in terms of the numbers of required tin, reduced service impact through upgrades, server/website availability managed up to near 100% through redundancy management, improved human resource management (moving OOH work into daylight, reducing operational budget requirements)
What needs improvement?
LTM – the product is fine and all features that I have deployed have proven to be stable. TMOS release schedule is very dynamic. Major releases (9-10, 10-11) could have been made easier if configuration migration assistants had been more finessed prior to release.
For how long have I used the solution?
4 years
What was my experience with deployment of the solution?
No major issues with deployment. Care must be taken with infrastructure deploys – close engagement is required with Network Support and Firewall Support areas, but once the platforms are stable, module deployment is very simple. As per my previous comment, moving from release to release can be complicated by things like bigpipe command deprecation (or removal: thank you v11!!), especially if a large iRule base has been developed on the modules.
What do I think about the stability of the solution?
At the module level, no. They are not as stable as System Z, but they are not far off. Hardware can be a little more susceptible to failure at the component level.
What do I think about the scalability of the solution?
None. Appliance based options (physical and virtual), blended with Viprion/vCMP mean that these solutions have been able to scale to support enterprise class ADC offerings.
How are customer service and technical support?
Customer Service: First class. F5 have demonstrated a willingness to support us through all issues, from architecture, deployment BAU support and high incidents. I can’t recommend them and their product offering highly enoughTechnical Support: Again, first class. It can sometimes be challenging to find even support partners with the requisite knowledge of the most cutting edge features, but only because F5 seem to develop at such a blistering rate.
Which solution did I use previously and why did I switch?
No. F5 was a virgin solution to a point problem and quickly grew to a central position in the management of our enterprise infrastructure and digital tier by demonstrating quickly a value contribution made to our live service offering.
How was the initial setup?
Straightforward and complex. Infrastructure setup on the boxes themselves was straightforward, although challenges in working with Network/Firewall departments made the exercise slightly more interesting. Basic LTM configuration OOB is very easy. IRules demand considerably more time and attention to develop properly.
What about the implementation team?
In house, and I would rate their level of expertise as of the very best, since it was myself and a single colleague that built the entire infrastructure.
What was our ROI?
Significant and immediate.
Which other solutions did I evaluate?
Full analysis of the ADC space was undertaken, evaluating all competitors in the GMQ. All were discounted because of the vast distance between technologies and their capabilities. F5 was the clear and only choice for us.
What other advice do I have?
Look to Enterprise Architecture before striking a key. These boxes are multiply capable, so allowing development through capability can lead to hugely complex deployments. There is (almost) nothing these boxes can’t do, including providing “tactical” solutions to application issues. Left unconstrained by a robust Architecture model, these boxes WILL grow like topsy, and the complexity of the solutions demanded by any business hungry for rapid delivery will grow into a box of fixes that only SME-level network/security/F5 technicians can manage on even a day-to-day basis. Make sure that the Enterprise Architecture model is strong and well-defined, and stick to it like glue.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Service Delivery Engineer - Network Security Lead at a tech services company with 51-200 employees
Straightforward, stable, scalable, and really good for load balancing
Pros and Cons
- "The web application firewall feature is the most valuable and useful feature. It is a leading industry product when it comes to load balancing. Its user interface is very simple. There isn't a steep learning curve. When we initiate someone to F5, they start using it quickly."
- "Its price can be better. It is a bit expensive."
What is our primary use case?
We are a reseller of F5, but we haven't had many projects that we've deployed with F5. In terms of use cases, it is used when clients have web servers, and they are hosting on their own infrastructure. When they have web applications that are publicly visible, they use F5 to balance that incoming traffic for their web servers.
What is most valuable?
The web application firewall feature is the most valuable and useful feature. It is a leading industry product when it comes to load balancing.
Its user interface is very simple. There isn't a steep learning curve. When we initiate someone to F5, they start using it quickly.
What needs improvement?
Its price can be better. It is a bit expensive.
For how long have I used the solution?
I have been using this solution for the last five years.
What do I think about the stability of the solution?
It is very stable.
What do I think about the scalability of the solution?
It is very scalable.
How are customer service and technical support?
I never had a case that required technical support.
How was the initial setup?
It is very easy to set up. It is not a complicated product. The deployment duration depends on the architecture that you're deploying, but it usually doesn't take much time.
What about the implementation team?
The number of people required for its deployment depends on the size of the deployment. For a very big deployment, you need less than three people. For a fairly normal or standard deployment, just one person would be fine.
What's my experience with pricing, setup cost, and licensing?
It is a bit expensive product. Kemp Loadmaster is much cheaper than F5.
Its licensing is on a yearly basis. It can be for one year or three years.
What other advice do I have?
I would recommend this solution. It is a really good solution. It is fairly straightforward, and it does what it is meant to do.
I would rate F5 BIG-IP a nine out of ten. In terms of features, it is good, but its price can be better.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
CTO at a tech services company with 11-50 employees
User-friendly, can be operated from a single console, and the performance is good
Pros and Cons
- "The main reason that we suggest this product to our clients is the great integration with other security tools, such as IBM Guardium."
What is our primary use case?
We are a solution provider and we work with a lot of products from F5.
In our internal network, we use F5 BIG-IP. We also have a few implementations with this product, including some that are integrated with other solutions such as IBM Guardium.
One of the great use cases is capturing an application user through F5 and then pushing it to Guardium. This is very useful for our customers because they can then connect to the database with a real application user, which is something that is very hard to achieve through other vendors.
What is most valuable?
The main reason that we suggest this product to our clients is the great integration with other security tools, such as IBM Guardium.
This product is very user-friendly, which is good for customers who have an implementation done by a partner but want to handle administration in-house.
All of the functionality can be achieved from one console.
Even on Hyper-V or a VMware appliance, the performance is very good when you use it as a proxy or a web application.
The documentation is very good.
For how long have I used the solution?
We have been working with F5 BIG-IP for between three and four years.
What do I think about the stability of the solution?
This is a stable product.
What do I think about the scalability of the solution?
From our perspective, it is scalable.
How are customer service and technical support?
We have all of the help and support that we need from the F5 office in this region.
Technical support from F5 is very good. As a partner, I have had a very good experience with them. They have shared knowledge with us and support us in our projects, which is definitely a big plus.
How was the initial setup?
It is very easy to install, especially when doing so to VMware. For example, we have spent almost a day installing security tools by other vendors. For BIG-IP, we need only two or three hours to complete it.
For the complete deployment that includes implementation and configuration, it takes between 10 and 15 days. The length of time depends on the client's goals and requirements. For example, some just want to use it as a web application firewall, whereas others want to use more functionality. The more functionality there is, the more time it takes to complete.
What about the implementation team?
Our in-house team implements and deploys this solution to our customers.
You need two or three people, including a security manager who will configure all of the rules and policies.
What's my experience with pricing, setup cost, and licensing?
The price should be reduced because it is expensive when compared to the competition. Alternatively, bundled packages should be offered. This is an issue that shows up for most of our customers.
What other advice do I have?
In summary, this is a very good product and we are actively suggesting it to our customers. It is something that should be more present in our market, especially because of the functionality that it provides.
In the end, we get very good results from BIG-IP.
I would rate this solution a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Technical Product Manager at a tech services company with 11-50 employees
Hardware and software partitioning enable us to deploy multiple instances, two vCMPs
Pros and Cons
- "It has so many features. First of all, it has a full proxy architecture, it has multiple modules. The best feature is the WAF, the web application firewall module. It also has cashing type capabilities. It has all kinds of load-balancing algorithms based on your IT requirements."
- "It provides first-tier firewalling, for you application. And it provides server load-balancing, it provides optimization, and it provides a proxy feature, where your users cannot directly access your server. It acts as a fully proxy architecture. It has client-side and server-side connections, both, and they're separate."
- "It also has an AVR feature: application, visibility, and recording. It's good for customers looking for what is actually happening in their network and where the latency is."
- "it has TCP LAN and WAN optimization features. It has has caching."
- "The one gap I saw was that pure LBN integration is a little tricky. The insertion of F5 in LBN is a little tricky. They need to work on something, on products by which they can insert F5 in any sort of cloud environment."
What is our primary use case?
We’re a systems integration company. We propose this solution mostly to our banking customers and large enterprise clients, so that they can load-balance their core banking applications and their main applications.
It also provides proxying, the client cannot directly access the server. BIG-IP is a proxy between the user and the server, so the client cannot make connections directly to servers. They land on F5 BIG-IP and then F5 creates connections on servers on behalf of clients.
We use the solution for smarter, safer, and reliable connectivity.
How has it helped my organization?
It has multi-tenancy features, like hardware clustering. It has software partitioning so that you can partition F5. For example, in my recent deployments, I deployed F5 in a bank where they had two load balancers. One was Cisco Ace and the other was Citrix Netscaler.
We created two instances, two vCMP Virtual Clustered Multiprocessing, two hardware partitions in F5, one for Ace and one for Citrix. We migrated all applications which were on Ace to the Ace partition, and we migrated all applications which were on Citrix to the Citrix partition. Further, we created the outgoing internet and software partitions, and it has application visibility, reporting functions.
What is most valuable?
It has so many features. First of all, it has a full proxy architecture, it has multiple modules. The best feature is the WAF, the web application firewall module. It also has cashing type capabilities. It has all kinds of load-balancing algorithms based on your IT requirements.
So the WAF and load balancing. Both are core features of BIG-IP.
In every environment, you have a Web application firewall, you have internet firewalls. Then, traffic comes into your datacenter so that you have datacenter firewalls. F5 has everything.
It provides first-tier firewalling, for you application. And it provides server load-balancing, it provides optimization, and it provides a proxy feature, where your users cannot directly access your server. It acts as a fully proxy architecture. It has client-side and server-side connections, both, and they're separate.
It also has an AVR feature: application, visibility, and recording. It's good for customers looking for what is actually happening in their network and where the latency is. If I'm using iDirect, the bank branch is connecting to my core banking application, but if the clients are finding that the application is slow, it has TCP LAN and WAN optimization features. It has has caching.
What needs improvement?
The room for improvement is that the product is a little costly. I live in the Third World, Pakistan. We have budget constraints, even in big enterprise servers. My team said that this product is too costly, and why don't we go with another product, we should do a comparative analysis with Citrix and F5.
I told them that is costly, but it has rich features, the support is good, the features are reliable, and the technical assistance center, the tech support, is almost perfect.
Still, I would say they need to cut their prices for countries or regions that we live in.
The one gap I saw was that pure LBN integration is a little tricky. The insertion of F5 in LBN is a little tricky. They need to work on something, on products by which they can insert F5 in any sort of cloud environment. These are not really big things.
They are continuously improving. They are improving day by day, and they are the number-one load balancer.
For how long have I used the solution?
More than five years.
What do I think about the stability of the solution?
It is a stable product. It runs on TMOS, traffic management operating system. This is very stable.
If they see that an upgrade required, they provide you the release and they provide you the release notes, so you can upgrade your TMOS version and at any time. You can also open a case and they can guide you on how to upgrade your TMOS version.
They also keep an eye on vulnerability. If there is a bug or any sort of vulnerability in their operating system, they will immediately release an update. So the product is so much more stable compared to any load balancers on the planet at the moment.
What do I think about the scalability of the solution?
It has that scalability for adding more F5, N + 1.
It's scalable, and it has more functions than a service. At the same time, this device can run access policy manager, it has Web application firewall, datacenter switching to DR sites. It has a modular approach actually. It gives you what you want.
How is customer service and technical support?
They are very professional. They are highly skilled people.
How was the initial setup?
It is neither simple nor complex. It all depends on what kind of situations you are in. My last deployment was a little bit complex but previous deployments were very simple.
We did hardware partitioning and software partitioning for a multi-tenancy concept, where every application owner has its own load balancing instance within F5. So it all depends on how you deploy a device and it depends on your planning.
If you want a simple deployment you can do so. You can create multiple virtual servers on F5 BIG-IP technology, and within multiple virtual servers you can have multiple nodes, where a node equals two application servers.
It can be deployed in a complex manner and it can be deployed in a very simple manner, it all depends on your choice.
It has a rapid deployment feature to deploy Microsoft Exchange load balancing. It has automation. You can simply click on Microsoft Exchange 2016 Email Server. Tclick on it and tell F5 about server IPs, and it goes automatically.
What was our ROI?
24 x 7 always on applications without any down time.
Which other solutions did I evaluate?
What other advice do I have?
F5 is the number-one application delivery controller, plus they are the number-one Web application firewall, together in the market right now. So what else do you want from them? Whenever we go and pitch this solution to our customers, we tell them that we are not selling you just a load balancer. We are selling you application delivery controllers, and Web application firewalls.
I give it 9.5 out of 10. It's a really costly product and smaller organizations cannot afford this solution, so it's hard to sell a plan. But once the customer has it, this product is a 10.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Buyer's Guide
Download our free F5 BIG-IP Local Traffic Manager (LTM) Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Product Categories
Application Delivery Controllers (ADC)Popular Comparisons
Microsoft Azure Application Gateway
Fortinet FortiADC
Kemp LoadMaster
Radware Alteon
A10 Networks Thunder ADC
VMWare Avi Load Balancer
Loadbalancer.org
Barracuda Load Balancer ADC
Radware LinkProof
Ivanti Virtual Web Application Firewall
Array APV Series
Buyer's Guide
Download our free F5 BIG-IP Local Traffic Manager (LTM) Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- F5 vs. Imperva WAF?
- F5 BIG-IP vs. Radware Alteon Comparison
- What is the performance parameter of Imperva X10K versus BIG-IP i2600?
- What are your daily F5 BIG-IP LTM use cases?
- What are the pros and cons of F5 BIG-IP Local Traffic Manager (LTM) vs Microsoft Azure Application Gateway for a large construction company?
- When evaluating Application Delivery Controllers, what aspect do you think is the most important to look for?
- Comparison Between Kemp LoadMaster and Load Balancer.org
- Is Citrix ADC (formerly Netscaler) the best ADC to use and if not why?
- What are your daily F5 BIG-IP LTM use cases?
- Why do I need an ADC solution?
Hello Orlee,
Thanks for reaching out to me. The documentation covers the entirity of the product along with guide to why that feature is enriching. Most vendors tend to forget that the documentation is written to keep the end user being a completely newbie. They just assume their reader knows the product. And others don't document at all. It needs to list the feature why was it implemented and how can it be used. And commands to enable the feature . Hope this help . As an example the don't list of having irules feature but also mention why was it deployed and how can you use it .. not to forget dev central and what more can you achieve of the box.
Regards
Girish Vyas