F5 BIG-IP Local Traffic Manager (LTM) Reviews

We use it for brokering services.

It has made it a single entry point for all users, verging across all the VPCs. It is more of an SSO solution versus multitier user loggin.

• Central point of entry for our user base.
• User authentication
• PPI
• Integration with our website.

We would like to have integration into encryption and PKI integration with SafeNet. That is probably the key component in using External PKIs, letting people bring their PKIs with them. On the back-end, we have a SafeNet component. They are going to bring additional features in, so allowing integration with encryption and PKI, and tying it back into Microsoft AD in the back with an LDAP lookup for users.

The stability seems fine. We provide fault tolerance with HA, so we have two of them up and running. We have built in integration. Therefore, we do not worry about workload issues

It seems very scalable now. We have 200 users, going to about 10,000 within the next year. There are multiple VPCs and multiple AWS accounts.

The integration and configuration of the product in our AWS environment seems to be pretty straightforward. There doesn't seem to be anything complex. We haven't needed anything additional, like Professional Services.

We did use technical support on the original engineering.

We have seen ROI because we are not hosting it. We moved this to the cloud for our ingest, so our workload is moving to the cloud and Amazon.

Purchasing through the AWS Marketplace was good. We chose to go through the AWS Marketplace because everything that we needed was a soft appliance. We needed something to work in Amazon, and this product was available there.

We have found the pricing and licensing on AWS to be competitive.

We looked at F5, Citrix, and VMware. We chose F5 because it has a better market name, seemed to be vendor-agnostic for providing capabilities that others didn't, and its reputation.

Use F5. It has a good reputation. We experienced easy implementation and had an overall good experience.

We use it only on AWS.

F5 delivers a full range of solutions that simplify service providers’ security architectures while mitigating threats. The full proxy architecture of F5 solutions also allows service providers to attain extensive visibility and control throughout layers 4 through 7. This enables granular control of all connections, more extensive security functionality, and comprehensive end-to-end protection against DDoS and other attacks. F5 solutions protect targeted network elements, the DNS infrastructure, devices, and applications with features that include application health monitoring, a robust web application firewall, web access controls, TCP optimization, web acceleration, L7 DDoS protection, and broad SSL support, including SSL inspection and offload.

I installed F5 on the DMZ zone of the firewall. The traffic will come to the virtual server of the F5. F5 will decrypt the traffic and offload the traffic to the firewall as clear.
This way, we can mitigate many attacks from the F5 and from the firewall.

Protection of published website. When using ASM, we can have a layer 7 protection in order to prevent the website from attacks.

F5 should improve or develop the reporting tools further.
They should improve the management policies on the BOX.

It's a stable product.

They have one box and you can implement many features with it like LTM, ASM, GTM. So it is scalable. And they have a virtual edition and an appliance edition.

Technical support is a seven out of 10. They provide quick solutions and they reply to us very fast.

Straightforward.

It's fair, it's not too expensive. Maybe just a little high.

It's a good product to use. It has many features so can use it to secure your environment. I'm satisfied with the product.

F5 BIG-IP Local Traffic Manager (LTM) has EC, WAF, firewall, network firewall, and CGNAT in one platform.

I like the combination of ADC and WAN in the solution. F5 BIG-IP Local Traffic Manager (LTM) could be a bit better in regards to the pricing.

Kemp Loadmaster is cheaper compared to F5 BIG-IP Local Traffic Manager (LTM). Also, the solution's UI needs improvement.

I have been using F5 BIG-IP Local Traffic Manager (LTM) for three years.

Stability-wise, I rate the solution a ten out of ten.

The solution's scalability is good. Scalability-wise, I rate the solution a ten out of ten. Around 50-100 of our customers use the solution.

The technical support is very good.

The solution's initial setup process was quite complex. It took around a month to two for the deployment process.

Regarding the deployment process, we have to do an assessment first because it's very complex. There are so many parameters that we have to count the deployments. So, an assessment could be better before the deployment process. We have a manager and a person in charge of technical maintenance, but we usually talk to security and work with the network team.

Though I have not seen a return on investment, I can say that it is a good solution.

Our company pays for the licensing cost on a yearly basis. Also, there are no extra costs in addition to the standard licensing fees.

Before choosing the solution, I suggest others check their requirements to ensure work and protect your data. I rate the overall solution a ten out of ten. 

We are using it primarily for load balancing. We also make great use of SSL interception (offloading and onloading), packet inspection, rewriting, and DNS wide IP.

It is a very good, flexible solution. It helps us to catch up on flaws in our partner solutions on top of its load balancing feature.

Along with load balancing, we perform a lot of packet inspections, URL rewriting, and SSL interceptions via iRule. 

I would recommend that the cost be lowered.

User tracking: Needs to provide a visual interface to follow a customer's activity (from client to BIG-IP to SNAT IP to the chosen server, then back). Today, we are still performing packet captures.

Not so far.

Not so far.

So far, we have not had to contact them.

We previously used Cisco ACE, which has very limited features.

The initial setup is straightforward. The GUI interface is user-friendly.

Software upgrades have been performed by F5 teams.

The initial migration was done by our technical team. 

The last implementation was done by the F5 team. I would rate them as a nine out of 10. I am not giving a 10 because we encountered some difficulties with the software upgrade from version 11 to version 12.

ROI is four years.

If you are planning to use security features, better to go for strong hardware and the best bundle license, which is great for web security.

No.

We have around 12 data centers. On average, in every data center, we have 14 to 15 F5 load balancers. We manage everything from a central location, then we deploy policy for use, giving us a place for our control managers.

I have Big-IP change and control manager, which give me the roll back option. Therefore, I can view the last things which happened on the device.

In future, I would like there to be more device security. I would like the tool to support SSL links, along with SSL and TLS. It also needs to disable the old cipher suite, which is a very old. There are ciphers, like D5, still available on the device.

We have faced security stability issues, but we work around it.

It is very scalable.

F5 tech support is helpful. I would rate the technical support with an eight out of 10.

We used to have Cisco, then we have Citrix NetScaler. The Citrix NetScaler is just a load balancer. It did not me the complete ADC features. That is why F5 is the king of load balancing.

The initial setup was pretty straightforward; not complex.

Security should be involved in any base license. When you bring on F5, you only have default license. Then, the ASM product license has to be purchased. It would be great if F5 could include the ASM in the base license. 

There is more than one use case. The most important is the Local Traffic Manager (LTM). We are using it to load balance our web applications, SSL decryption and application adjusting, along with some TCP features. We are also load balancing traffic between appropriate back-ends for risk. 

We can use it for load balancing purposes on an HA proxy software. However, hardware load balancing is the best way due to some hardware flaws for incoming traffic. We are not using CPU resources for a load balancing SSL decryption and adjusting some parameters for incoming and outgoing traffic. F-5 has a lot of appliances, which can be used for appropriate tasks, e.g., for big tasks, we can use Vipiron devices. As well, we have a lot of software blades, which can be divided into virtual clusters, multi-purposes, etc.

We are using the Big-IP, LTM, ASM, and GTM modules.

• The Local Traffic Manager (LTM) provides a simple low balance and SSL decryption, in addition to some TCP parameters, for incoming and outgoing traffic to redirect appropriate traffic patterns to appropriate servers. 
• We are using Application Security Manager (ASM) as a web application firewall, where there is a security signature to avoid a web level breach. 
• We are using global traffic manager (GTM). Its main use cases is for application firewall modules, therefore we are not using it yet, but we are going to implement it for DDoS protection on some of our web services.

I would like to see F-5 implement a regular routing like in other Linux-based devices. We know the F-5 is not a router, but can be used for traffic forwarding, so it's not the same as other devices if we compare it with Citrix-based devices. It is a simple Linux-based routing software. I don't have any problems with it. However, in F-5, when we try and integrate in some complex networks, we have to use some additional routing scenarios from a Layer 3 perspective, then we have some problems. It would be great if this were fixed somehow.

We have to keep in mind features when we deploy an F-5 solution. Designing the same approach in Citrix can often be simpler. I have written syntax in F-5 which were complicated; not straightforward. For example, in a Citrix device, we have a lot of predefined patterns, and it's much simpler to implement.

We have not had issues with the stability, though we have experienced issues with the flexibility.

The support of F-5 is fine. In comparison with Citrix, F-5 technical support is much better.

We previously used Citrix NetScaler: 

• Citrix NetScaler SDX, which can be divided in multiple instances.
• Citrix VPX.

The licensing strategy for F5 is good.

We are using the solution for our internal and client purposes. We are a cloud service provider.

The solution provides good application delivery and network optimization features. We use all the features provided by the solution. It fulfills our requirements. All our infrastructure is set up with high availability through hardware and virtualization in all flavors and levels based on the customer requirements.

The pricing must be more flexible. We get billed for firewalls based on the usage. It will be helpful if the solution provides such flexibility.

I have been using the solution for many years.

The tool is stable.

The tool is scalable. It meets the requirements.

We have contacted the technical support team. The team is customer-friendly and knowledgeable.

The initial setup is straightforward. The deployment takes just one minute because we use scripts. We need one technical person for the deployment.

The solution is robust and reliable. It provides us with security.

The product is expensive. We pay a yearly licensing fee.

We recommend the product to others. It is scalable and reliable. Overall, I rate the solution a seven out of ten.

We use it for load balancing any kind of HTTP and HTTPS traffic coming from users or other systems.

One of the greatest things about F5 Load Balancer is that it provides additional capability for handling huge workloads and routing them to an SAP or non-SAP application. It is capable of supporting a large amount of user workload and application connectivity workload. This was the main reason why we chose F5.

It is a hardware load balancer, and its installation procedure is more complex than a software load balancer. There are pros and cons of using hardware load balancing. You have to have specific hardware deployed in your data center to activate this load balancer. They never came up with any software-based load balancing solution. It is all hardware-based.

I have been using this solution for a couple of years.

Its stability is good.

It is scalable. We have around 2,000 plus users.

Their technical support is fine. 

It is a hardware load balancer, so its installation procedure is more complex than a software load balancer. You need specific hardware to install this load balancer.

We had evaluated a few SAP solutions, but we found F5 to be more suitable at that time.

I would recommend this solution. We have been using it for such a long time, and we are quite happy with it as an organization. It is awesome, and we plan to keep using it till we are on-prem. It has been good for our on-prem setup. 

I would rate this solution an eight out of ten. I am quite satisfied with this solution.