Big-IP 10.1 has been
released announced. It includes a lot of new features and enhancements to some existing features.
You can read some of the press releases on our main news page:
F5 Delivers Advanced Web Security Solutions to Help Customers Efficiently Address Threats to Web Applications and Enhance Business Performance
Enhanced support for Windows 7 and Windows Server 2008 R2.
Direct Access and BranchCache
Microsoft DirectAccess lets Windows 7 clients create a secure connection directly to the network over IPsec rather than having to create a separate VPN connection. That means that you can still access your files securely while you are enjoying coffee and a scone at Starbuck Joe wrote a great article addressing how Big-IP 10.1 helps enable DirectAccess using Windows 7 clients with Windows Server 2008 R2 servers in your enterprise. BranchCache is a new feature in Windows 7 and Windows Server 2008 R2 that will cache content from remote servers on local servers. You can access the file once it is cached as if you were working in the remote office, using less WAN bandwidth and wasting less of your time. BranchCache can work in one of two modes: Hosted cache mode and Distributed Cache mode. In hosted mode, a Windows Server 2008 R2 server will host the cached content. In Distributed mode the clients will host the cached content. Big-IP v10.1 will route the file requests to the correct server or client.
Lori wrote a great post about what DNSSEC is and how it works, “It’s DNSSEC Not DNSSUX”, and Jason posted an article explaining how to configure the new DNS features using both the GUI and TMSH. Configuring GTM Version 10.1's DNS Security Extensions
Advanced bot and scanner protection
Big-IP 10.1 includes support for detecting web site scraping and allows you to set thresholds for locking out IP addresses.
ASM’s new Attack Expert System helps make sense of the attacks you see logged against your network. Each attack has a list of possible attack types and the types are explained. The reporting GUI has been reworked. You can either view a chart or drill down into the attacks with a few clicks. Ten-Point-One also includes a PCI compliance report.
Look for some more information about some of these features in the coming months.
(edited for clarity SCK)
I'm not a network engineer. I just build the applications, the network professionals take care of deploying my applications and making sure they stay up. Why should I care about what hardware they use?
Because the hardware they use could influence my application architecture.
- If I know the IT guys are able to bring in new servers in response to increased demand, I start to think about distributed caching instead of replication maybe. I start to think that the application shouldn't store any data in a machine specific session so that the load balancer can send the user to any machine.
- If they have access to distributed hardware caching, maybe I don't have to worry about donut caching in my pages.
- If I know they can pull servers in and out of the clusters at will with no visible downtime to our users, I start to think about deploying more often. I can become more agile.
- If I don’t have to worry about how much space is left where I’m storing my users uploads, I don’t have to write code to check how much space is available and present an error to my users if the space fills up.
One of my goals with my F5 Devcentral blog is to explore ways that developers and IT professionals can cooperate more and blur the lines between them a bit more.