A BIG IP is a product first developed by a company called F5 Networks, Inc and initially was a Layer 7 Load Balancer. Now it has evolved into a complete network traffic appliance and is a device that fits into the category of application delivery networking. BIG-IP is specifically an application delivery controller, a category of advanced traffic networking and load balancing devices. These devices are generally deployed at the edge of the network and are in a class similar to layer 4-7 switches. The application delivery controller sits in front of a pool, often referred to as a cluster or farm, of servers and directs traffic based on a number of variables including application specific data, application protocol headers, current network conditions such as available bandwidth and latency, as well as information about the health of the applications residing in the pools.

A BIG-IP, like other application delivery controllers, is designed to enhance the reliability, availability, and security of the applications it delivers.

BIG-IP Specific Features

SSL Acceleration: all current models of the BIG-IP appliance have specialized hardware for SSL handshakes as well as bulk encryption/decryption. This hardware can perform SSL encryption/decryption more efficiently than the general-purpose CPUs found on web servers. The BIG-IP 8800 can handle 6Gbps of SSL encryption/decryption.

Intelligent Compression: reduces amount of data to be transferred for HTTP objects by utilizing gzip compression available in all modern web browers (optional hardware compression is available for the BIG-IP 6400 or higher).

Rate Shaping: allows some applications to receive a greater portion of the bandwidth and/or a higher priority than others.

Advanced Client Authentication: the BIG-IP can authenticate users against a variety of authentication sources (including Active Directory, LDAP, Radius, etc) before allowing them access to a website.

Advanced Routing: including BGP, OSPF, and RIP routing protocols.

IPv6/IPv4 Gateway

Caching: Caches static HTTP content in RAM to take load off of the web servers.

Global traffic management: GTM, previously known as 3DNS, uses DNS to provide global high-availability for applications. At least two GTM servers in at least two locations will answer DNS requests for an entire domain or a subdomain. The GTM servers also monitor the availability of applications in more than one datacenter. When clients request IPs for hostnames managed by GTM, it returns the "best" server for that user based on application availability, location of the user, round-trip-time, etc.

Application security: application security manager is a Web Application Firewall and utilizes a positive (default-deny) layer-7 security policy to secure HTTP and HTTPS websites.

Link/Internet Service Provider (ISP) Load balancing

Web Acceleration: above and beyond caching and compression, the web accelerator modifies the actual content of websites in real time to provide a better end-user experience.

SPAM Filtering: the message security module utilizes Secure Computing's TrustedSource IP reputation database to refuse mail from known spammers even before sending the messages to other SPAM filters.

iControl Application Programming Interface (API): an open API for management of the BIG-IP

iRules: a TCL-based scripting language allowing arbitrary manipulation of traffic flowing through the BIG-IP, including real-time modification of said data.

References