F5 BIG-IP Local Traffic Manager (LTM) Reviews

We are using F5 BIG-IP LTM for our application which is a reverse proxy. We use it for availability, and to process the application because it is used in the financial industry.

The most valuable feature of F5 BIG-IP LTM is it helps our delivery team to make policies and rules for application.

The user interface of F5 BIG-IP LTM is old and could improve.

I have been using F5 BIG-IP Local Traffic Manager (LTM) for approximately five years.

I rate the stability of F5 BIG-IP LTM a nine out of ten.

The scalability of F5 BIG-IP LTM is good.

This solution is best suited for medium to large-sized businesses in the finance and telecommunications industries.

I rate the scalability of F5 BIG-IP LTM a nine out of ten.

The support from F5 BIG-IP LTM is not good.

I rate the support from F5 BIG-IP LTM a five out of ten.

Neutral

The initial setup of F5 BIG-IP LTM is simple because our project is not complicated. The implementation took approximately three days.

I rate the initial setup of F5 BIG-IP LTM a seven out of ten.

The price of F5 BIG-IP LTM could improve.

I rate the scalability of F5 BIG-IP LTM a ten out of ten.

This is a good solution, but it is expensive. I would recommend this solution to others.

I rate F5 BIG-IP LTM an eight out of ten.

F5 has performed marvelously. It certainly holds in value and holds its name.

We're able to do load balancing and global load balancing. When you marry those two products together, you can do a lot more. We're able to deliver our applications more securely and faster. It has improved our deliverability where we have more service across the shared data centers. We can intelligently reach all of those client connections across all of the servers and do it fairly quickly. It has helped improve our application delivery and performance.

I would like to see improvement in the manageability and easier setup. 

They need to have features that you can turn on and spin up and not have to buy a license for. I'd want to be able to quickly spin up a feature and start using it and then come back and pay for it later. Citrix has them beat on that. 

F5s are rock solid. I've seen them deploy in major data centers and they're rock solid.

Scalability is similar to Citrix NetScaler where you can pay as you grow. It doesn't have the feature which you can just turn on. You have to buy into it, then you have to wait for the license, and then you have to wait to have somebody to pay for it. You can't deploy quickly.

F5 technical support is good. They have a lot of good people there. Once you get into the area of expertise that you need help with, those people are very good at helping with the problem. Every time I call in, I go right to tech support and they're really good help. 

The initial setup can be complex but it's not because of the F5 itself. It's because of your own network. You can get in your own way. What makes it complex is the fact that you have to stand back and figure out the configuration. F5 is there to help you with that and give you some idea on where to place it and what to do. Some of that also falls underneath the realm of managed services or just services in general. They start you with a brand new spiffy product, but you're left with the migration process. 

They are expensive. 

I would rate this solution a seven out of ten. Not a ten because of the usability and a manageability. I've had to send somebody to F5 University to get trained, whereas with the Citrix NetScaler I don't necessarily have to send them out to training. I was able to pick up NetScaler right away. Whereas, F5, if you have it, you should probably get trained on it because it's a little more esoteric. 

Everybody wants the best of a name brand. If F5 was like a Tesla, would you want to buy a Tesla or a Toyota? They're both big name brands, but when you hear Tesla, you know exactly what that is; it's the futuristic top-of-the-line electric car. If you can afford a Tesla, then buy the Tesla but if you can't afford a Tesla, and you want something that's going to get you from point A to point B at a halfway decent price, go with Citrix.

We use it for brokering services.

It has made it a single entry point for all users, verging across all the VPCs. It is more of an SSO solution versus multitier user loggin.

• Central point of entry for our user base.
• User authentication
• PPI
• Integration with our website.

We would like to have integration into encryption and PKI integration with SafeNet. That is probably the key component in using External PKIs, letting people bring their PKIs with them. On the back-end, we have a SafeNet component. They are going to bring additional features in, so allowing integration with encryption and PKI, and tying it back into Microsoft AD in the back with an LDAP lookup for users.

The stability seems fine. We provide fault tolerance with HA, so we have two of them up and running. We have built in integration. Therefore, we do not worry about workload issues

It seems very scalable now. We have 200 users, going to about 10,000 within the next year. There are multiple VPCs and multiple AWS accounts.

The integration and configuration of the product in our AWS environment seems to be pretty straightforward. There doesn't seem to be anything complex. We haven't needed anything additional, like Professional Services.

We did use technical support on the original engineering.

We have seen ROI because we are not hosting it. We moved this to the cloud for our ingest, so our workload is moving to the cloud and Amazon.

Purchasing through the AWS Marketplace was good. We chose to go through the AWS Marketplace because everything that we needed was a soft appliance. We needed something to work in Amazon, and this product was available there.

We have found the pricing and licensing on AWS to be competitive.

We looked at F5, Citrix, and VMware. We chose F5 because it has a better market name, seemed to be vendor-agnostic for providing capabilities that others didn't, and its reputation.

Use F5. It has a good reputation. We experienced easy implementation and had an overall good experience.

We use it only on AWS.

F5 delivers a full range of solutions that simplify service providers’ security architectures while mitigating threats. The full proxy architecture of F5 solutions also allows service providers to attain extensive visibility and control throughout layers 4 through 7. This enables granular control of all connections, more extensive security functionality, and comprehensive end-to-end protection against DDoS and other attacks. F5 solutions protect targeted network elements, the DNS infrastructure, devices, and applications with features that include application health monitoring, a robust web application firewall, web access controls, TCP optimization, web acceleration, L7 DDoS protection, and broad SSL support, including SSL inspection and offload.

I installed F5 on the DMZ zone of the firewall. The traffic will come to the virtual server of the F5. F5 will decrypt the traffic and offload the traffic to the firewall as clear.
This way, we can mitigate many attacks from the F5 and from the firewall.

Protection of published website. When using ASM, we can have a layer 7 protection in order to prevent the website from attacks.

F5 should improve or develop the reporting tools further.
They should improve the management policies on the BOX.

It's a stable product.

They have one box and you can implement many features with it like LTM, ASM, GTM. So it is scalable. And they have a virtual edition and an appliance edition.

Technical support is a seven out of 10. They provide quick solutions and they reply to us very fast.

Straightforward.

It's fair, it's not too expensive. Maybe just a little high.

It's a good product to use. It has many features so can use it to secure your environment. I'm satisfied with the product.

F5 BIG-IP Local Traffic Manager (LTM) has EC, WAF, firewall, network firewall, and CGNAT in one platform.

I like the combination of ADC and WAN in the solution. F5 BIG-IP Local Traffic Manager (LTM) could be a bit better in regards to the pricing.

Kemp Loadmaster is cheaper compared to F5 BIG-IP Local Traffic Manager (LTM). Also, the solution's UI needs improvement.

I have been using F5 BIG-IP Local Traffic Manager (LTM) for three years.

Stability-wise, I rate the solution a ten out of ten.

The solution's scalability is good. Scalability-wise, I rate the solution a ten out of ten. Around 50-100 of our customers use the solution.

The technical support is very good.

The solution's initial setup process was quite complex. It took around a month to two for the deployment process.

Regarding the deployment process, we have to do an assessment first because it's very complex. There are so many parameters that we have to count the deployments. So, an assessment could be better before the deployment process. We have a manager and a person in charge of technical maintenance, but we usually talk to security and work with the network team.

Though I have not seen a return on investment, I can say that it is a good solution.

Our company pays for the licensing cost on a yearly basis. Also, there are no extra costs in addition to the standard licensing fees.

Before choosing the solution, I suggest others check their requirements to ensure work and protect your data. I rate the overall solution a ten out of ten. 

We are using it primarily for load balancing. We also make great use of SSL interception (offloading and onloading), packet inspection, rewriting, and DNS wide IP.

It is a very good, flexible solution. It helps us to catch up on flaws in our partner solutions on top of its load balancing feature.

Along with load balancing, we perform a lot of packet inspections, URL rewriting, and SSL interceptions via iRule. 

I would recommend that the cost be lowered.

User tracking: Needs to provide a visual interface to follow a customer's activity (from client to BIG-IP to SNAT IP to the chosen server, then back). Today, we are still performing packet captures.

Not so far.

Not so far.

So far, we have not had to contact them.

We previously used Cisco ACE, which has very limited features.

The initial setup is straightforward. The GUI interface is user-friendly.

Software upgrades have been performed by F5 teams.

The initial migration was done by our technical team. 

The last implementation was done by the F5 team. I would rate them as a nine out of 10. I am not giving a 10 because we encountered some difficulties with the software upgrade from version 11 to version 12.

ROI is four years.

If you are planning to use security features, better to go for strong hardware and the best bundle license, which is great for web security.

No.

We have around 12 data centers. On average, in every data center, we have 14 to 15 F5 load balancers. We manage everything from a central location, then we deploy policy for use, giving us a place for our control managers.

I have Big-IP change and control manager, which give me the roll back option. Therefore, I can view the last things which happened on the device.

In future, I would like there to be more device security. I would like the tool to support SSL links, along with SSL and TLS. It also needs to disable the old cipher suite, which is a very old. There are ciphers, like D5, still available on the device.

We have faced security stability issues, but we work around it.

It is very scalable.

F5 tech support is helpful. I would rate the technical support with an eight out of 10.

We used to have Cisco, then we have Citrix NetScaler. The Citrix NetScaler is just a load balancer. It did not me the complete ADC features. That is why F5 is the king of load balancing.

The initial setup was pretty straightforward; not complex.

Security should be involved in any base license. When you bring on F5, you only have default license. Then, the ASM product license has to be purchased. It would be great if F5 could include the ASM in the base license. 

There is more than one use case. The most important is the Local Traffic Manager (LTM). We are using it to load balance our web applications, SSL decryption and application adjusting, along with some TCP features. We are also load balancing traffic between appropriate back-ends for risk. 

We can use it for load balancing purposes on an HA proxy software. However, hardware load balancing is the best way due to some hardware flaws for incoming traffic. We are not using CPU resources for a load balancing SSL decryption and adjusting some parameters for incoming and outgoing traffic. F-5 has a lot of appliances, which can be used for appropriate tasks, e.g., for big tasks, we can use Vipiron devices. As well, we have a lot of software blades, which can be divided into virtual clusters, multi-purposes, etc.

We are using the Big-IP, LTM, ASM, and GTM modules.

• The Local Traffic Manager (LTM) provides a simple low balance and SSL decryption, in addition to some TCP parameters, for incoming and outgoing traffic to redirect appropriate traffic patterns to appropriate servers. 
• We are using Application Security Manager (ASM) as a web application firewall, where there is a security signature to avoid a web level breach. 
• We are using global traffic manager (GTM). Its main use cases is for application firewall modules, therefore we are not using it yet, but we are going to implement it for DDoS protection on some of our web services.

I would like to see F-5 implement a regular routing like in other Linux-based devices. We know the F-5 is not a router, but can be used for traffic forwarding, so it's not the same as other devices if we compare it with Citrix-based devices. It is a simple Linux-based routing software. I don't have any problems with it. However, in F-5, when we try and integrate in some complex networks, we have to use some additional routing scenarios from a Layer 3 perspective, then we have some problems. It would be great if this were fixed somehow.

We have to keep in mind features when we deploy an F-5 solution. Designing the same approach in Citrix can often be simpler. I have written syntax in F-5 which were complicated; not straightforward. For example, in a Citrix device, we have a lot of predefined patterns, and it's much simpler to implement.

We have not had issues with the stability, though we have experienced issues with the flexibility.

The support of F-5 is fine. In comparison with Citrix, F-5 technical support is much better.

We previously used Citrix NetScaler: 

• Citrix NetScaler SDX, which can be divided in multiple instances.
• Citrix VPX.

The licensing strategy for F5 is good.