Tag Archives: CrossPostedFromDevCentral

Why should I care about Big-IP 10.1?

 

Big-IP 10.1 has been released announced. It includes a lot of new features and enhancements to some existing features.

You can read some of the press releases on our main news page:

F5 Delivers Advanced Web Security Solutions to Help Customers Efficiently Address Threats to Web Applications and Enhance Business Performance

F5’s BIG-IP Solution Enables Service Providers to Transparently Scale and Grow Mobile Services

F5 Enhances IP Geolocation Capability through Partnership with Quova

F5 Solutions Optimize Microsoft Windows 7 and Windows Server 2008 R2 Deployments

 

Enhanced support for Windows 7 and Windows Server 2008 R2.

Direct Access and BranchCache

Microsoft DirectAccess lets Windows 7 clients create a secure connection directly to the network over IPsec rather than having to create a separate VPN connection. That means that you can still access your files securely while you are enjoying coffee and a scone at Starbuck Joe wrote a great article addressing how Big-IP 10.1 helps enable DirectAccess using Windows 7 clients with Windows Server 2008 R2 servers in your enterprise. BranchCache is a new feature in Windows 7 and Windows Server 2008 R2 that will cache content from remote servers on local servers. You can access the file once it is cached as if you were working in the remote office, using less WAN bandwidth and wasting less of your time. BranchCache can work in one of two modes: Hosted cache mode and Distributed Cache mode. In hosted mode, a Windows Server 2008 R2 server will host the cached content. In Distributed mode the clients will host the cached content. Big-IP v10.1 will route the file requests to the correct server or client.

 

Security

DNSSEC

Lori wrote a great post about what DNSSEC is and how it works, “It’s DNSSEC Not DNSSUX”, and Jason posted an article explaining how to configure the new DNS features using both the GUI and TMSH. Configuring GTM Version 10.1’s DNS Security Extensions

Advanced bot and scanner protection

Big-IP 10.1 includes support for detecting web site scraping and allows you to set thresholds for locking out IP addresses.

Enhanced reporting

ASM’s new Attack Expert System helps make sense of the attacks you see logged against your network. Each attack has a list of possible attack types and the types are explained. The reporting GUI has been reworked. You can either view a chart or drill down into the attacks with a few clicks. Ten-Point-One also includes a PCI compliance report.

 

Look for some more information about some of these features in the coming months.

 

(edited for clarity SCK)

Why should I care about the hardware?

I’m not a network engineer. I just build the applications, the network professionals take care of deploying my applications and making sure they stay up. Why should I care about what hardware they use?

 

Because the hardware they use could influence my application architecture.

  • If I know the IT guys are able to bring in new servers in response to increased demand, I start to think about distributed caching instead of replication maybe. I start to think that the application shouldn’t store any data in a machine specific session so that the load balancer can send the user to any machine.
  • If they have access to distributed hardware caching, maybe I don’t have to worry about donut caching in my pages.
  • If I know they can pull servers in and out of the clusters at will with no visible downtime to our users, I start to think about deploying more often. I can become more agile.
  • If I don’t have to worry about how much space is left where I’m storing my users uploads, I don’t have to write code to check how much space is available and present an error to my users if the space fills up.

 

One of my goals with my F5 Devcentral blog is to explore ways that developers and IT professionals can cooperate more and blur the lines between them a bit more.