Information Security Consultant-Risk at a computer retailer with 11-50 employees
Consultant
Top 20
2024-06-03T11:26:05Z
Jun 3, 2024
In the LTM solution, it would be beneficial to have more algorithms for traffic segmentation or the ability to create user-defined algorithms rather than being restricted to predefined ones.
Learn what your peers think about F5 BIG-IP Local Traffic Manager (LTM). Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
Senior Network and Security Specialist at a tech services company with 51-200 employees
Real User
Top 20
2023-04-04T16:29:36Z
Apr 4, 2023
BIG-IP LTM is taking a long time to mature in cloud environments. They plan to improve cloud integration in the next version, but it isn't out yet. It's essential because more companies are moving to the cloud these days and using things like Kubernetes or microservices. F5 needs to improve in that direction, and they are.
Senior Network Engineer at a comms service provider with 10,001+ employees
Real User
Top 5
2023-03-15T11:45:46Z
Mar 15, 2023
The pricing model has caused some frustration. My clients implemented the solution and later wanted to upgrade the features but the pricing structure was complicated. There are other solutions with better pricing models.
LTM would be improved with the inclusion of signature-based blocking. In the next release, LTM should include the ability to configure account details and access user logs.
Tax Department at a government with 10,001+ employees
Real User
2022-12-19T17:40:04Z
Dec 19, 2022
An area for improvement in F5 BIG-IP Local Traffic Manager (LTM) is troubleshooting on the command line, which should be more graphical. Another area for improvement is that it's a high-priced product. What I want to see in the product's next release is more analytics.
F5 BIG-IP LTM can improve on the SSL loading which includes the authentication of certificates. Although, most of these issues have been solved there are still some issue that persists. In a feature release, it would be helpful to have real-time packet features in the GUI.
Senior Technical Consultant at a comms service provider with 51-200 employees
Real User
2022-06-24T14:13:00Z
Jun 24, 2022
For right now, I don't have anything I would suggest in terms of improvements. I worked mainly on the CLI. Working on the CLI on the operations level or on the configuration level is sometimes a bit complex to understand. You have to have a good background in Linux so that you can perform the necessary solutioning or operations through the CLI. Whenever we want to investigate something we need to use the CLI, however, the CLI level troubleshooting and the solutioning, it is a little bit complicated. We have a limitation when it comes to the GUI. That said, I have found that we can do much better analysis with troubleshooting over the CLI. Scaling up is complex. It's expensive. We need to have good security features available. It's something I still need to explore more, however.
I would like to see tighter integration with all the product lines. A more hybrid approach would be beneficial for users. It would also be great if the solution was less expensive.
Solution Architect at Softcell Technologies Limited
Real User
2022-05-29T12:47:55Z
May 29, 2022
Right now, there are a lot of products within F5's portfolio. They acquired a couple of companies like NGINX and Volterra. Some features and technologies overlapped when this acquisition occurred. They need to refine it and come up with a single, proper solution. F5 should focus more on zero trust network access (ZTNA).They should be more focused on that framework because the industry is moving towards that. Everyone is talking about SASE and zero trust.
It would be good to have better traffic and better data. It would be nice to have more granularity to see packets in terms of the header details, the analytics, etc. It would be nice if that was also part of it and to have analytics added to the traffic.
Senior Network Engineer at a transportation company with 10,001+ employees
Real User
2022-05-22T06:09:02Z
May 22, 2022
Its GUI could be a bit better. Other than that, it's already pretty good. We don't use it in a high-performance environment. So, we don't really care so much about too many features.
F5 BIG-IP Local Traffic Manager could improve by having an FNI feature for a single source to multi-domain load balancing. When I was using the solution I was using the basic functions and I found it difficult to handle some of the more advanced features. I needed assistance from my IT department or the vendors themself. There should be more workshops are places to gain knowledge on how to use the solution. You need specific skill sets to use it.
Security Consultant at a tech services company with 11-50 employees
Real User
2021-12-22T17:46:00Z
Dec 22, 2021
The user interface could be improved in F5 BIG-IP Local Traffic Manager. There's can be some improvements done on the access policy manager(APM) such as supporting APIs and web services.
Senior Network Engineer at a comms service provider with 10,001+ employees
Real User
2021-08-23T11:20:00Z
Aug 23, 2021
In terms of what could be improved, I would expect more integration with different platforms and more integration with the backend systems. Additionally, in the next release, I would like a more secure version.
Chief Information Officer at F.P. eSafe Solutions LTD
Real User
Top 10
2021-06-11T15:09:00Z
Jun 11, 2021
The pricing could always be better. It's a bit expensive. It would be ideal if they offered integration with NGINX. They purchased NGINX as well. Therefore, if it's got integration with NGINX, then you kind of have one single pane of a console for all the F5/NGINX portions of your work.
Security Engineer at a tech services company with 11-50 employees
Reseller
2021-02-17T14:19:42Z
Feb 17, 2021
I can't say that there are any features missing. I've overall been quite happy with it. We once had an issue related to trying to publish some exchange application to a file and we experienced some problems there, however, the incident was not really related to BIG-IP. It was likely some kind of infrastructure problem the company was experiencing. We haven't had any big problems of note. Technical support could be faster. It's something I'd like to see them work on in the future. The pricing could be more reasonable.
IT Manager at a manufacturing company with 1,001-5,000 employees
Real User
2020-12-29T15:57:30Z
Dec 29, 2020
We are currently using BIG-IP and NetScaler and we wanted to have just one technology. We will be replacing F5 in March. NetScaler is primarily used for Citrix purposes and BIG-IP is being used as a reverse proxy for our other applications. We would like to manage it easily with one technology. I would like to see better integration. I can remember when we were implementing ADFS, we had some challenges. There is not a lot of documentation available where you can refer to and configure any new technologies.
There are some aspects of F5 BIG-IP that could be improved, the main one being virtual machine support. We have seen that even with the virtual editions, there are some things that we would like to do that are currently not possible with virtual machines. We have seen some problems mainly with F5 BIG-IP ASM, and so I think the virtual editions of the ASM could be improved. Another negative aspect is the cost, as it can be expensive.
Director of Network Strategies and Technologies at a comms service provider with 1,001-5,000 employees
Real User
2020-12-04T23:51:22Z
Dec 4, 2020
I would like to see some better documentation focused on our website and better search criteria. That's probably the best way to say that there needs to help with research. The cost of the solution is pretty high. It would be ideal if it was more reasonable.
Head Of Technology at a tech services company with 51-200 employees
Real User
2020-12-04T12:31:02Z
Dec 4, 2020
When we purchased the product, we found it to be a bit expensive. If we decide to migrate to the cloud, I don't think that BIG-IP is a good solution and we probably won't use it. If the price for a cloud-based deployment can be matched with their competitors the I think it would be a far better solution.
Security Professional Services at a comms service provider with 51-200 employees
Reseller
2020-11-18T22:22:57Z
Nov 18, 2020
When you create an autofile, its profile takes a long time to generate the view in the VIP. That is probably due to the performance of the device, however, when you load a specific profile, the browser takes more than one minute to show the information. The web interface could be better. The solution should allow for the creation of custom signatures. Right now, I see that can be a little bit complicated to create new or personal signatures in the VIP. The way that policies are created should make it easier to maintain the solution. The product needs to implement some kind of artificial intelligence or machine learning that can start to generate fewer false positive requests. We tend to have a lot of false positives. The policy should be created in such a way as to help lower false positives. There should be better reporting. Our customers ask us for reports quite often. It would be ideal if the solution itself was able to generate various types of reports for them instead.
Network Security Specialist at a energy/utilities company with 5,001-10,000 employees
Real User
2020-11-11T08:06:52Z
Nov 11, 2020
There should be more logging improvements on F5. The logging features are too limited and do not give us a solid understanding of what's happening. For example, the web application firewall logs don't say complete, or why this is blocked, which signature or which root cause is blocking the log. Also, it can provide more understandable windows or dashboards regarding the latency of the application. Citrix has cheap tools that show what is happening and describe why did they happen. I would like to see improvements to the dashboard, latency reporting, and monitoring. Improvements in these areas would be very valuable.
Senior solution architect at a comms service provider with 51-200 employees
Real User
2020-07-16T06:21:12Z
Jul 16, 2020
The reporting could be improved and I'd also like to see the UI adjusted to make configuration easier. There are some things in the F5 configuration that are complicated.
More training should be available to customers. There is a guide that is available on the internet, but the training is not as good as others, such as Cisco. While F5 does have a big market share, it is not easy to find a well-training F5 engineer. If they made it easier for engineers to get F5 training then it would be better.
Head of IT Infrastructure and Security Operations at United Arab Bank
Real User
2020-06-15T07:34:14Z
Jun 15, 2020
The policies management could be improved, that's why I'm doing a comparison of other solutions. This is also a very expensive solution. I'd like to see external loading included as part of the solution.
IT Security Engineer at a cloud solution provider with 11-50 employees
Real User
2020-06-15T07:33:53Z
Jun 15, 2020
This solution could be improved by reducing the cost. It's the main reason that we're considering another option for our website even though we're very satisfied with the way the Big-IP works and the way Big-IP protects our environment, but it's very expensive. We are keen to find out if there is a similar system for technology that would suit us and cost less.
Works at a logistics company with 1,001-5,000 employees
Real User
2019-04-02T07:02:00Z
Apr 2, 2019
I would like to see improvement in the manageability and easier setup. They need to have features that you can turn on and spin up and not have to buy a license for. I'd want to be able to quickly spin up a feature and start using it and then come back and pay for it later. Citrix has them beat on that.
Network Presales Manager at a comms service provider with 51-200 employees
Real User
2019-03-31T09:41:00Z
Mar 31, 2019
The products are great and easy to upgrade from time to time to improve functionality. F5 BIG-IP is working fine. We use it more in production and operations. There are issues with F5 BIG-IP but they are minor issues, not big ones. This does not affect production and services. Sometimes the operations and the facility systems fail. However, there is an alert action from the windows. Related to the groups, when it comes to cost, rates are regulated. When the market is not good, then we will consider doing the increase. In general, there are more features that could be provided with F5 BIG-IP if it were not so costly. From application to application to customer respects, you can't always customize software based on customer requirements. If you don't consider that, you can't deliver.
Services to be improved: * Multi-cloud consistency, like to simplify administration with centralized policies with multi-cloud vendors * F5 lateral scalability within the container is still restricted. * Web application firewalls and service mesh would be a nice-to-have feature. * Drive programmable application with 100% restful API * Cover deployment * Monitoring * Policy-based control.
We would like to have integration into encryption and PKI integration with SafeNet. That is probably the key component in using External PKIs, letting people bring their PKIs with them. On the back-end, we have a SafeNet component. They are going to bring additional features in, so allowing integration with encryption and PKI, and tying it back into Microsoft AD in the back with an LDAP lookup for users.
Solutions Architect at a tech services company with 5,001-10,000 employees
Real User
2018-12-11T08:31:00Z
Dec 11, 2018
They could improve the product's ease of use. There has been a bit of complication on some things from the admin side. There is some confusion how to operate it.
Certificate management needs improvement. I would like automated deployment of new certificates without manual intervention to be in the next release of this product.
* Cloud native integration should be provided. * Native support for containers should be added to future releases, as this is the future of load balancing.
The management process seems a bit difficult. The management interface is unclear, complex, and not concise. I would like a better user interface. For integration with other AWS environments, we do some tie-ins with some autoscaling groups. This has been challenging for us. We have had issues, where when autoscaling groups scale up, there are some instances which are not showing up in the proper size. Then, those IPs would get registered with F5, but never get released. Therefore, we are ending up with a whole bunch of ghosted IPs. However, this is more an implementation detail than an F5 detail.
People love them in security, but their costs are completely out of bounds. However, I'm not a security guy, so I don't necessarily know all the ins and outs of why our security team may have chosen this product versus other ones. I am disappointed with the additional cost. 25 megabytes is low. If we get to a thousand, a gig, It is like three dollars an hour. While you can get a reduction in price, when I price them against anyone else, they are wildly overpriced. I used GitHub for autoscaling CloudFormation, and I found two bugs and I submitted them. Their implementation in GitHub could be cleaner and allow for a bit more customization. We always end up customizing these things, so I found two bugs and I thought they were big bugs so I was surprised. This wasn't necessarily relative to product. It was more about the support role of GitHub and the way it was launching. However, the features that they said would work, did not.
I would like them to expand load balancing, being able to go across multiple regions to on-premise and into the cloud. This could use improvement, as it is sometimes a little cumbersome.
Network Security Administrator at a tech services company with 1,001-5,000 employees
Real User
2018-08-02T11:48:00Z
Aug 2, 2018
We need best-practice information. They have something called DevCentral and a blog. But we want something from F5 itself regarding how to tackle the false-positive configurations. If you go into detail with so many configurations it will find so many false positives from the moment it is enabled that it will quickly impact your applications, and it will not work.
In future, I would like there to be more device security. I would like the tool to support SSL links, along with SSL and TLS. It also needs to disable the old cipher suite, which is a very old. There are ciphers, like D5, still available on the device.
Logging is a bit of a problem. Logging and monitoring are only in plain text. You have to search and you have to know what you are searching for to find anything. So of course, monitoring and getting alerts for abnormal situations is hard. There are no tools for monitoring and alerts. If you have problems and you need to diagnose them, you really have to know what you're looking for in order to find it. Logging and monitoring could be something out-of-the-box that are more accessible.
Lead Network Engineer at a financial services firm with 10,001+ employees
Real User
2018-07-30T06:35:00Z
Jul 30, 2018
I would like to see F-5 implement a regular routing like in other Linux-based devices. We know the F-5 is not a router, but can be used for traffic forwarding, so it's not the same as other devices if we compare it with Citrix-based devices. It is a simple Linux-based routing software. I don't have any problems with it. However, in F-5, when we try and integrate in some complex networks, we have to use some additional routing scenarios from a Layer 3 perspective, then we have some problems. It would be great if this were fixed somehow. We have to keep in mind features when we deploy an F-5 solution. Designing the same approach in Citrix can often be simpler. I have written syntax in F-5 which were complicated; not straightforward. For example, in a Citrix device, we have a lot of predefined patterns, and it's much simpler to implement.
Technology Manager at SIG Information Technology GmbH
Real User
2018-05-18T06:14:00Z
May 18, 2018
It would help to get more training, even better in local languages. While we are able to speak and understand English, sometimes it is much easier to use the language you truly understand.
Security Governance at a comms service provider with 1,001-5,000 employees
Real User
2018-04-23T08:11:00Z
Apr 23, 2018
I would recommend that the cost be lowered. User tracking: Needs to provide a visual interface to follow a customer's activity (from client to BIG-IP to SNAT IP to the chosen server, then back). Today, we are still performing packet captures.
Performance is the first thing and most critical issue that needs improvement. Supporting more Clients would be nice, but without improving performance, F5 will not widely be used for critical work. It killed an international meeting the first time that we used BIG-IP VPN.
Technical Product Manager at a tech services company with 11-50 employees
Real User
2018-02-06T07:39:00Z
Feb 6, 2018
The room for improvement is that the product is a little costly. I live in the Third World, Pakistan. We have budget constraints, even in big enterprise servers. My team said that this product is too costly, and why don't we go with another product, we should do a comparative analysis with Citrix and F5. I told them that is costly, but it has rich features, the support is good, the features are reliable, and the technical assistance center, the tech support, is almost perfect. Still, I would say they need to cut their prices for countries or regions that we live in. The one gap I saw was that pure LBN integration is a little tricky. The insertion of F5 in LBN is a little tricky. They need to work on something, on products by which they can insert F5 in any sort of cloud environment. These are not really big things. They are continuously improving. They are improving day by day, and they are the number-one load balancer.
Director Technology Solutions with 11-50 employees
Reseller
2017-09-07T08:38:00Z
Sep 7, 2017
Implementing whitepapers with a lot more applications could easily be added. This project is missing some relevant features: * We set up the customer through the load balancer. * Then once it is there and functional, then the next step is to add the web application firewall on the same boxes.
F5 BIG-IP LTM optimizes the speed and reliability of your apps via both network and application layers. Using real-time protocol and traffic management decisions based on app and server and connection management conditions, and TCP and content offloading, BIG-IP LTM dramatically improves application and infrastructure responsiveness. BIG-IP LTM's architecture includes protocol awareness to control traffic for the most important applications. BIG-IP LTM tracks the dynamic performance levels of...
There are no specific areas for improvement as it is already well-resolved and doesn't require further enhancements.
Price is an area of the tool where improvements are required. I want to see CDN capabilities in the product.
In the LTM solution, it would be beneficial to have more algorithms for traffic segmentation or the ability to create user-defined algorithms rather than being restricted to predefined ones.
The pricing must be more flexible. We get billed for firewalls based on the usage. It will be helpful if the solution provides such flexibility.
In terms of pricing, it could be more competitive.
F5 BIG-IP Local Traffic Manager is expensive. Pricing needs to be improved.
The solution's hardware quality needs improvement. Also, its cloud-based anti-DDoS has limitations. It could be better.
Kemp Loadmaster is cheaper compared to F5 BIG-IP Local Traffic Manager (LTM). Also, the solution's UI needs improvement.
BIG-IP LTM is taking a long time to mature in cloud environments. They plan to improve cloud integration in the next version, but it isn't out yet. It's essential because more companies are moving to the cloud these days and using things like Kubernetes or microservices. F5 needs to improve in that direction, and they are.
The pricing model has caused some frustration. My clients implemented the solution and later wanted to upgrade the features but the pricing structure was complicated. There are other solutions with better pricing models.
LTM would be improved with the inclusion of signature-based blocking. In the next release, LTM should include the ability to configure account details and access user logs.
The solution could improve the ease of use, the management could be simplified. Other solutions are easier to use.
The user interface of F5 BIG-IP LTM is old and could improve.
An area for improvement in F5 BIG-IP Local Traffic Manager (LTM) is troubleshooting on the command line, which should be more graphical. Another area for improvement is that it's a high-priced product. What I want to see in the product's next release is more analytics.
F5 BIG-IP LTM can improve on the SSL loading which includes the authentication of certificates. Although, most of these issues have been solved there are still some issue that persists. In a feature release, it would be helpful to have real-time packet features in the GUI.
For right now, I don't have anything I would suggest in terms of improvements. I worked mainly on the CLI. Working on the CLI on the operations level or on the configuration level is sometimes a bit complex to understand. You have to have a good background in Linux so that you can perform the necessary solutioning or operations through the CLI. Whenever we want to investigate something we need to use the CLI, however, the CLI level troubleshooting and the solutioning, it is a little bit complicated. We have a limitation when it comes to the GUI. That said, I have found that we can do much better analysis with troubleshooting over the CLI. Scaling up is complex. It's expensive. We need to have good security features available. It's something I still need to explore more, however.
I would like to see tighter integration with all the product lines. A more hybrid approach would be beneficial for users. It would also be great if the solution was less expensive.
Right now, there are a lot of products within F5's portfolio. They acquired a couple of companies like NGINX and Volterra. Some features and technologies overlapped when this acquisition occurred. They need to refine it and come up with a single, proper solution. F5 should focus more on zero trust network access (ZTNA).They should be more focused on that framework because the industry is moving towards that. Everyone is talking about SASE and zero trust.
It would be good to have better traffic and better data. It would be nice to have more granularity to see packets in terms of the header details, the analytics, etc. It would be nice if that was also part of it and to have analytics added to the traffic.
Its GUI could be a bit better. Other than that, it's already pretty good. We don't use it in a high-performance environment. So, we don't really care so much about too many features.
There are not very many areas for improvement, but the price is high.
F5 BIG-IP Local Traffic Manager could improve by having an FNI feature for a single source to multi-domain load balancing. When I was using the solution I was using the basic functions and I found it difficult to handle some of the more advanced features. I needed assistance from my IT department or the vendors themself. There should be more workshops are places to gain knowledge on how to use the solution. You need specific skill sets to use it.
The price for F5 BIG-IP Local Traffic Manager is very high. This aspect could be improved.
The user interface could be improved in F5 BIG-IP Local Traffic Manager. There's can be some improvements done on the access policy manager(APM) such as supporting APIs and web services.
My only point of contention would be that it is a little pricey.
The solution could improve the documentation.
In terms of what could be improved, I would expect more integration with different platforms and more integration with the backend systems. Additionally, in the next release, I would like a more secure version.
The pricing of the product is a bit too high. They should work to make it more affordable. It needs to be more cost-efficient.
The pricing could always be better. It's a bit expensive. It would be ideal if they offered integration with NGINX. They purchased NGINX as well. Therefore, if it's got integration with NGINX, then you kind of have one single pane of a console for all the F5/NGINX portions of your work.
Technical support is somewhat slow and could be improved.
Its scalability and deployment should be better. It should be more scalable, and it should be easier to deploy.
I can't say that there are any features missing. I've overall been quite happy with it. We once had an issue related to trying to publish some exchange application to a file and we experienced some problems there, however, the incident was not really related to BIG-IP. It was likely some kind of infrastructure problem the company was experiencing. We haven't had any big problems of note. Technical support could be faster. It's something I'd like to see them work on in the future. The pricing could be more reasonable.
We use a limited amount of features so the biggest issue for us is the price. For what we're using, it's an expensive solution.
Its price can be better. It is a bit expensive.
We are currently using BIG-IP and NetScaler and we wanted to have just one technology. We will be replacing F5 in March. NetScaler is primarily used for Citrix purposes and BIG-IP is being used as a reverse proxy for our other applications. We would like to manage it easily with one technology. I would like to see better integration. I can remember when we were implementing ADFS, we had some challenges. There is not a lot of documentation available where you can refer to and configure any new technologies.
There are some aspects of F5 BIG-IP that could be improved, the main one being virtual machine support. We have seen that even with the virtual editions, there are some things that we would like to do that are currently not possible with virtual machines. We have seen some problems mainly with F5 BIG-IP ASM, and so I think the virtual editions of the ASM could be improved. Another negative aspect is the cost, as it can be expensive.
Currently, the product offers everything we need. I can't recall any features that may be lacking.
I'd like to see a more intuitive interface. The market now is moving into salvage services, different kinds of services, not only hardware solutions.
I would like to see some better documentation focused on our website and better search criteria. That's probably the best way to say that there needs to help with research. The cost of the solution is pretty high. It would be ideal if it was more reasonable.
When we purchased the product, we found it to be a bit expensive. If we decide to migrate to the cloud, I don't think that BIG-IP is a good solution and we probably won't use it. If the price for a cloud-based deployment can be matched with their competitors the I think it would be a far better solution.
When you create an autofile, its profile takes a long time to generate the view in the VIP. That is probably due to the performance of the device, however, when you load a specific profile, the browser takes more than one minute to show the information. The web interface could be better. The solution should allow for the creation of custom signatures. Right now, I see that can be a little bit complicated to create new or personal signatures in the VIP. The way that policies are created should make it easier to maintain the solution. The product needs to implement some kind of artificial intelligence or machine learning that can start to generate fewer false positive requests. We tend to have a lot of false positives. The policy should be created in such a way as to help lower false positives. There should be better reporting. Our customers ask us for reports quite often. It would be ideal if the solution itself was able to generate various types of reports for them instead.
There should be more logging improvements on F5. The logging features are too limited and do not give us a solid understanding of what's happening. For example, the web application firewall logs don't say complete, or why this is blocked, which signature or which root cause is blocking the log. Also, it can provide more understandable windows or dashboards regarding the latency of the application. Citrix has cheap tools that show what is happening and describe why did they happen. I would like to see improvements to the dashboard, latency reporting, and monitoring. Improvements in these areas would be very valuable.
The reporting could be improved and I'd also like to see the UI adjusted to make configuration easier. There are some things in the F5 configuration that are complicated.
More training should be available to customers. There is a guide that is available on the internet, but the training is not as good as others, such as Cisco. While F5 does have a big market share, it is not easy to find a well-training F5 engineer. If they made it easier for engineers to get F5 training then it would be better.
The policies management could be improved, that's why I'm doing a comparison of other solutions. This is also a very expensive solution. I'd like to see external loading included as part of the solution.
This solution could be improved by reducing the cost. It's the main reason that we're considering another option for our website even though we're very satisfied with the way the Big-IP works and the way Big-IP protects our environment, but it's very expensive. We are keen to find out if there is a similar system for technology that would suit us and cost less.
The license terms for "non-commercial" are challenging for us.
I would like to see improvement in the manageability and easier setup. They need to have features that you can turn on and spin up and not have to buy a license for. I'd want to be able to quickly spin up a feature and start using it and then come back and pay for it later. Citrix has them beat on that.
The products are great and easy to upgrade from time to time to improve functionality. F5 BIG-IP is working fine. We use it more in production and operations. There are issues with F5 BIG-IP but they are minor issues, not big ones. This does not affect production and services. Sometimes the operations and the facility systems fail. However, there is an alert action from the windows. Related to the groups, when it comes to cost, rates are regulated. When the market is not good, then we will consider doing the increase. In general, there are more features that could be provided with F5 BIG-IP if it were not so costly. From application to application to customer respects, you can't always customize software based on customer requirements. If you don't consider that, you can't deliver.
Services to be improved: * Multi-cloud consistency, like to simplify administration with centralized policies with multi-cloud vendors * F5 lateral scalability within the container is still restricted. * Web application firewalls and service mesh would be a nice-to-have feature. * Drive programmable application with 100% restful API * Cover deployment * Monitoring * Policy-based control.
They have to scale, developing more products. I would like them to have more flexible models.
We would like to have integration into encryption and PKI integration with SafeNet. That is probably the key component in using External PKIs, letting people bring their PKIs with them. On the back-end, we have a SafeNet component. They are going to bring additional features in, so allowing integration with encryption and PKI, and tying it back into Microsoft AD in the back with an LDAP lookup for users.
The auto logout feature after three minutes is terrible. I wish they would make that longer, since it is not a feature that we can change.
They could improve the product's ease of use. There has been a bit of complication on some things from the admin side. There is some confusion how to operate it.
Certificate management needs improvement. I would like automated deployment of new certificates without manual intervention to be in the next release of this product.
We would like to see load balancing between the cloud and the on-premise, a straightforward deployment feature.
* Cloud native integration should be provided. * Native support for containers should be added to future releases, as this is the future of load balancing.
The management process seems a bit difficult. The management interface is unclear, complex, and not concise. I would like a better user interface. For integration with other AWS environments, we do some tie-ins with some autoscaling groups. This has been challenging for us. We have had issues, where when autoscaling groups scale up, there are some instances which are not showing up in the proper size. Then, those IPs would get registered with F5, but never get released. Therefore, we are ending up with a whole bunch of ghosted IPs. However, this is more an implementation detail than an F5 detail.
People love them in security, but their costs are completely out of bounds. However, I'm not a security guy, so I don't necessarily know all the ins and outs of why our security team may have chosen this product versus other ones. I am disappointed with the additional cost. 25 megabytes is low. If we get to a thousand, a gig, It is like three dollars an hour. While you can get a reduction in price, when I price them against anyone else, they are wildly overpriced. I used GitHub for autoscaling CloudFormation, and I found two bugs and I submitted them. Their implementation in GitHub could be cleaner and allow for a bit more customization. We always end up customizing these things, so I found two bugs and I thought they were big bugs so I was surprised. This wasn't necessarily relative to product. It was more about the support role of GitHub and the way it was launching. However, the features that they said would work, did not.
I would like them to expand load balancing, being able to go across multiple regions to on-premise and into the cloud. This could use improvement, as it is sometimes a little cumbersome.
They need to improve the interface and some of the functionalities.
The pricing could be improved.
We need best-practice information. They have something called DevCentral and a blog. But we want something from F5 itself regarding how to tackle the false-positive configurations. If you go into detail with so many configurations it will find so many false positives from the moment it is enabled that it will quickly impact your applications, and it will not work.
F5 should improve or develop the reporting tools further. They should improve the management policies on the BOX.
In future, I would like there to be more device security. I would like the tool to support SSL links, along with SSL and TLS. It also needs to disable the old cipher suite, which is a very old. There are ciphers, like D5, still available on the device.
Logging is a bit of a problem. Logging and monitoring are only in plain text. You have to search and you have to know what you are searching for to find anything. So of course, monitoring and getting alerts for abnormal situations is hard. There are no tools for monitoring and alerts. If you have problems and you need to diagnose them, you really have to know what you're looking for in order to find it. Logging and monitoring could be something out-of-the-box that are more accessible.
I would like to see F-5 implement a regular routing like in other Linux-based devices. We know the F-5 is not a router, but can be used for traffic forwarding, so it's not the same as other devices if we compare it with Citrix-based devices. It is a simple Linux-based routing software. I don't have any problems with it. However, in F-5, when we try and integrate in some complex networks, we have to use some additional routing scenarios from a Layer 3 perspective, then we have some problems. It would be great if this were fixed somehow. We have to keep in mind features when we deploy an F-5 solution. Designing the same approach in Citrix can often be simpler. I have written syntax in F-5 which were complicated; not straightforward. For example, in a Citrix device, we have a lot of predefined patterns, and it's much simpler to implement.
Internet and cloud support could be improved. Security enhancement should be more user friendly.
It would help to get more training, even better in local languages. While we are able to speak and understand English, sometimes it is much easier to use the language you truly understand.
I would recommend that the cost be lowered. User tracking: Needs to provide a visual interface to follow a customer's activity (from client to BIG-IP to SNAT IP to the chosen server, then back). Today, we are still performing packet captures.
Performance is the first thing and most critical issue that needs improvement. Supporting more Clients would be nice, but without improving performance, F5 will not widely be used for critical work. It killed an international meeting the first time that we used BIG-IP VPN.
The room for improvement is that the product is a little costly. I live in the Third World, Pakistan. We have budget constraints, even in big enterprise servers. My team said that this product is too costly, and why don't we go with another product, we should do a comparative analysis with Citrix and F5. I told them that is costly, but it has rich features, the support is good, the features are reliable, and the technical assistance center, the tech support, is almost perfect. Still, I would say they need to cut their prices for countries or regions that we live in. The one gap I saw was that pure LBN integration is a little tricky. The insertion of F5 in LBN is a little tricky. They need to work on something, on products by which they can insert F5 in any sort of cloud environment. These are not really big things. They are continuously improving. They are improving day by day, and they are the number-one load balancer.
Implementing whitepapers with a lot more applications could easily be added. This project is missing some relevant features: * We set up the customer through the load balancer. * Then once it is there and functional, then the next step is to add the web application firewall on the same boxes.