F5 traffic manager get a boost

F5 Networks' next generation of Big-IP software platform will pack traffic compression, DOS (denial-of-service) attack protection...

F5 Networks' next generation of Big-IP software platform will pack traffic compression, DOS (denial-of-service) attack protection and other features into a variety of new server load balancing devices as well as some older F5 boxes.

The company, a pioneer supplier of application traffic management hardware which handles the performance of applications over a network, aims to stop the proliferation of separate appliances and accompanying software interfaces.

"Every time there's 10 new products out on the market, you end up with 10 boxes on your network," said Joel Conover of Current Analysis.

Consolidation is natural, he added. "All these products get perpetually integrated down into these web load balancers," he said.

A Big-IP platform acts as a front end to an array of servers, balancing the load of user requests to those servers as well as giving each user session the right characteristics and securing the network, according to Jason Needham, senior product manager at F5.

It includes content acceleration, connection optimisation, traffic compression, rate shaping, DOS attack protection, SSL (Secure Sockets Layer) encryption and an application firewall. Each enterprise can tune the software to best serve its own applications, he said.

As enterprises make existing applications accessible via the web, they will have to keep delivering the performance that end-users have come to expect, said analyst Jarad Carleton of Frost & Sullivan.

The functions built into the Big-IP platform should help them deliver that, Carleton said.

Bringing those functions together into a single box with one operating system and user interface can save money on hardware as well as management time, analysts said. But in some cases it may also be the only way to carry them all out, because encryption has to be coordinated with other functions or they will not work, according to Lynn Nye, president of consultants APM Advisors.

"Encryption makes the network stupid real fast, because [it] can't see into the data and do anything," Nye said.

SSL encryption, which many financial institutions use to secure their customers' web transactions, scrambles data so it cannot be compressed, prioritised or directed to a certain server based on markers such as XML details, Nye said.

F5 is not the only company joining the integration trend, Nye said. He believes Cisco, which F5 calls its main competitor, will back up its evangelism for building more intelligence into networks by acquiring a maker of this type of multifunction "application front end".

Once it does, the networking firm could offer the capabilities in an appliance or integrate them into a switching platform, he said.

An added security capability in the new Big-IP platform is the capability to analyse traffic in both directions. This feature, which most current traffic management products do not have, lets the system halt information that should not get out of the enterprise, according to F5.

That could be a critical security capability, Nye said. For example, it could block a server from ever sending web shopping customers' US Social Security numbers out of the network, he said.

Big-IP, Version 9, is available with three new hardware platforms. The 1500 IP Application Switch, priced at $16,995 (£9,500), to the 6400 IP Application Switch at $34,995. All come equipped with SSL acceleration at 100 transactions per second.

There are also add-on modules starting at $1,995, including ones for compression, rate shaping, advanced client authentication, IPV6 (Internet Protocol, Version 6), routing modules and faster SSL acceleration. Big-IP, Version 9, will also be available for existing F5 customers using the 1000, 2400 and 5100 platforms.

Stephen Lawson writes for IDG News Service

Read more on IT operations management and IT support