Big-IP Hardware Platform

BIP-IP

SEPTEMBER 1, 2023
 BIG-IP Hardware Platform
BIG-IP SDC comes with wide range of fixed and modular Model along with Virtual Edition also. They
all run TMOS.

Below are some Models and its specification mentioned for reference purpose.

big-ip-platforms-data
sheet.pdf
Refer to Data Sheet :

The F5 BIG-IP product line consists of a range of application delivery controllers (ADCs) that provide
various features for load balancing, security, application optimization, and more. BIG-IP models and
their specifications:

1. BIG-IP iSeries:
 Example Models: i5800, i7800, i10800
 Features: These models are designed for high-performance application delivery, security, and
optimization.
 Throughput: Up to 60 Gbps (i5800), up to 100 Gbps (i7800), up to 180 Gbps (i10800)

2. BIG-IP 4K Platform:
 Example Models: 4400, 6400
 Features: These models offer advanced application security, intelligent traffic management, and
scalable performance.
 Throughput: Up to 40 Gbps (4400), up to 60 Gbps (6400)

3. BIG-IP 2K Platform:
 Example Models: 2200, 4200
 Features: These models provide a balance between performance and affordability, suitable for mid-
sized applications.
 Throughput: Up to 10 Gbps (2200), up to 25 Gbps (4200)

4. BIG-IP Virtual Edition (VE):

 Features: Virtual instances of BIG-IP that can be deployed on various hypervisors and cloud
platforms.
 Throughput: Throughput varies based on the allocated resources to the virtual instance.

5. BIG-IP Cloud Edition:

 Features: Designed for deployment in cloud environments, providing elasticity and scalability.
 Throughput: Varies based on the selected instance type and cloud provider.
1 | P a g e Created by Mohammed Abdus Subhan E-Mail: Cybersechunters@hotmail.com
2 | P a g e Created by Mohammed Abdus Subhan E-Mail: Cybersechunters@hotmail.com
As you may know, with the Availability of the F5 𝐁𝐈𝐆-𝐈𝐏 𝐫𝐒𝐞𝐫𝐢𝐞𝐬 r2000, r4000, r5000, and r10000, F5
is announcing the Advanced Notification of the 𝐄𝐧𝐝 𝐨𝐟 𝐒𝐚𝐥𝐞 (𝐄𝐨𝐒) 𝐟𝐨𝐫 𝐭𝐡𝐞 𝐁𝐈𝐆-𝐈𝐏 𝐢𝐒𝐞𝐫𝐢𝐞𝐬
𝐏𝐥𝐚𝐭𝐟𝐨𝐫𝐦𝐬, Effective "𝐉𝐚𝐧𝐮𝐚𝐫𝐲 𝟏, 𝟐𝟎𝟐𝟒" (𝗞𝟬𝟬𝟬𝟭𝟯𝟯𝟱𝟴𝟯).

 One of the Significant Advantages of 𝐫𝐒𝐞𝐫𝐢𝐞𝐬 Platform is the "𝐏𝐀𝐘𝐆" Options. The rSeries Family
of Appliances has 𝐌𝐮𝐥𝐭𝐢𝐩𝐥𝐞 𝐇𝐚𝐫𝐝𝐰𝐚𝐫𝐞 𝐚𝐧𝐝 𝐒𝐨𝐟𝐭𝐰𝐚𝐫𝐞 𝐎𝐩𝐭𝐢𝐨𝐧𝐬 similar to the previous Generation
iSeries Appliances.

 F5 has reduced the Total Number of 𝐃𝐢𝐬𝐭𝐢𝐧𝐜𝐭 𝐇𝐚𝐫𝐝𝐰𝐚𝐫𝐞 𝐏𝐥𝐚𝐭𝐟𝐨𝐫𝐦𝐬 in the rSeries Family, but
𝐈𝐧𝐜𝐫𝐞𝐚𝐬𝐞𝐝 𝐭𝐡𝐞 𝐍𝐮𝐦𝐛𝐞𝐫 𝐨𝐟 𝐏𝐀𝐘𝐆 𝐎𝐩𝐭𝐢𝐨𝐧𝐬 in the Mid-range, and High-end rSeries Models to Allow
for similar Price and Performance points of previous Generations.

 Instead of Offering a 𝟕𝟎𝟎𝟎 𝐒𝐞𝐫𝐢𝐞𝐬 𝐏𝐥𝐚𝐭𝐟𝐨𝐫𝐦 in between the 5000 and 10000 Models, F5 now
Offers "𝟑" 𝐏𝐀𝐘𝐆 𝐓𝐢𝐞𝐫𝐬/𝐋𝐢𝐜𝐞𝐧𝐬𝐢𝐧𝐠 𝐎𝐩𝐭𝐢𝐨𝐧𝐬 for both the 5000 and 10000 Models.

Note : In F5 They have Same hardware but are restricted by software.

You can simply unblock for more resources, based on Add-on license.

3 | P a g e Created by Mohammed Abdus Subhan E-Mail: Cybersechunters@hotmail.com

 The F5 BIG-IP product line consists of various models that offer different performance levels and
features to cater to different network and application requirements.. Here are some common F5 BIG-
IP models and their general specifications as of my last update:

1. F5 BIG-IP iSeries:

 These models are designed for high-performance application delivery and security.
 They offer a wide range of throughput and concurrent connection capacities.
 Features include advanced application optimization, security, and availability.

2. F5 BIG-IP VIPRION:

 The VIPRION series is a chassis-based solution that allows for scalability and modular performance.
 It supports multiple blades that can be customized based on performance needs.
 Designed to handle high volumes of traffic and complex application delivery requirements.

3. F5 BIG-IP Virtual Edition (VE):

 A virtualized version of the BIG-IP platform that can be deployed in various virtualization
environments.
 Provides many of the same features as hardware-based models.
 Well-suited for cloud deployments and scenarios where flexibility is essential.

4. F5 BIG-IP Cloud Edition:

 Designed specifically for cloud-native applications and environments.

 Offers features like automatic scaling, container integration, and API-driven management.

5. F5 BIG-IP DNS:

 This model is focused on DNS (Domain Name System) services.

 It helps manage and optimize DNS traffic, ensuring fast and reliable DNS resolution.

6. F5 BIG-IP Access Policy Manager (APM):

 Concentrates on secure remote access and identity management.

 Provides features for authentication, authorization, and access control.

7. F5 BIG-IP Advanced Firewall Manager (AFM):

 Primarily a firewall and network security appliance.

 Offers features like deep packet inspection and protection against DDoS attacks.

8. F5 BIG-IP Application Security Manager (ASM):

4 | P a g e Created by Mohammed Abdus Subhan E-Mail: Cybersechunters@hotmail.com
 Focuses on application security, including web application firewall (WAF) functionality.
 Helps protect against common web application vulnerabilities.

It's important to note that each model might have different specifications in terms of throughput,
connections per second, SSL/TLS performance

5 | P a g e Created by Mohammed Abdus Subhan E-Mail: Cybersechunters@hotmail.com

 F5 BIGIP LTM
BIG-IP F5

In this BIG-IP F5 LTM Training , you will learn all deep dive concepts related to BIG-IP F5. This
course will give opportunity to learn all BIG-IP F5 Hardware Product Architecture , its models and
traffic Processing.

This BIG-IP F5 LTM Training Course enables you to have complete knowledge about LTM and its
feature but also helps you to prepare for BIG-IP F5 TMOS Administrator Exam.

In this you will also learn to configure BIG-IP F5 feature set, Load balancing Method , Monitors ,
iRules etc. This is the Best BIG-IP F5 LTM LABS, that has been designed in such a way that, it
includes not only theory but also traffic flow of each related topics associated to LAB.

Course Pedagogy

The Course Pedagogy will help you to learn the following concepts on BIG-IP F5 hardware Platform.

Introduction to BGI-IP Hardware Platform

How to Provision BIG-IP LTM box

How to Configure and use BIG-IP Object and Load Balancing Method

Learn about BIG-IP F5 Persistence & Types

How to use BIG-IP F5 Monitors

BIG-IP F5 Profile Concepts

Learn BIG-IP F5 SNAT

How to Configure BIG-IP F5 iRules

BIG-IP F5 LTM labs

BIG-IP F5 is the ADC (Application Delivery Controller), which is mainly used in Load balancing the
application traffic, and comprised of other features such as Virtual Edition Container, TMOS, and
TMM and comes with various other modules to achieve specific tasks.

We will see what other separate modules it comes with shortly.

Understanding BIG-IP Hardware Architecture

6 | P a g e Created by Mohammed Abdus Subhan E-Mail: Cybersechunters@hotmail.com

Big-IP Hardware comprised of several various hardware elements and their purpose are discussed
below:

Traffic Management Microkernel (TMM):

It is the traffic management hardware component and has following features:

Contains L2 Switch module with NICs

Contains dedicated SSL Encryption or FIPS Hardware

Contains dedicated compression hardware

Contains Packet velocity ASIC or embedded Packet Velocity ASIC (ePVA) using FPGAs (Field
Programmable gate Arrays)

TMM Uses all CPU and almost RAM, however a small amount of RAM is also shared with HMS.

TruboFlex™:

This Hardware element is only present in F5 iSeries ADC. It Provides FPGA features along with a pre-
packaged optimization which user can select. It also contains some free CPU to complete other task.

Host Management Subsystem (HMS):

This Hardware component runs a version of CentOS (Community Enterprise Operating system) Linux
which also include SELinux.

HMS is mainly used for system management, administration function. It uses a single CPU (shared
with TMM) and also uses a shared RAM.

Always On Management:

It provides ‘light out ‘Management of the HMS, via a dedicated management processor as well as
layer 2 switch management.

Baseboard Management Controller (BMC):

This Controller has separate dedicated controller that is independent of primary TMM and HMS
components. Due to which it is useful in providing Out of Band Management and Monitoring.

Below is the BIG-IP Hardware Architecture which has been discussed above

7 | P a g e Created by Mohammed Abdus Subhan E-Mail: Cybersechunters@hotmail.com

Understanding BIG-IP Software – TMOS

TMOS is traffic Management Operating System, This TMOS is used for all F5 Network traffic and not
for Data traffic.

Below are the primary software element of BIG-IP known as TMOS.

TMM: (Traffic Management Microkernel Software):

It Contain software in form of Operating and support following feature like System , LTM iRules ,
proxies, FastL4, fastHTTP, fast Application proxy, TCPExpress, IPV4,IPV6.

Software to support firmware which operates dedicated SSL , other cards and hardware

Supports Interface to connect HMS

TurboFlex FPGA Firmware

HMS:

This HMS version of software contains modified version of CentOS.

8 | P a g e Created by Mohammed Abdus Subhan E-Mail: Cybersechunters@hotmail.com

It has rich tools and interface to manage system like WebGUI, tmshCLI, DNS Client, SNMP, NTP.

Local Traffic Manager (LTM):

When we license each module like LTM, GTM, APM, ASM, these Module uses TMM to perform each
specific tasks.

AOM:

This Software provides, Light out system management, which is accessible from Management
network interface and Serial Console.

Intelligent Platform Management Interface (IPMI):

This is the hardware level interface specification and protocol supported by BIG-IP iSeries Hardware.

It provides out of band monitoring & management of system, even though BIG-IP does not have an
operating system and also when system is off.

This is Accessed by Management network Interface and Serial Consol.

Maintenance Operating System (MOS): It provides disk management, File System Mounting, and
Maintenance.

Below is the BIG-IP System Software Architecture which is discussed in above section.

9 | P a g e Created by Mohammed Abdus Subhan E-Mail: Cybersechunters@hotmail.com

10 | P a g e Created by Mohammed Abdus Subhan E-Mail: Cybersechunters@hotmail.com