Infrastructure // Networking
11:03 AM
Connect Directly
Repost This

F5 Upgrades Virtualization Platform

BIG-IP version 11 aims to combine the flexibility of virtualization with the performance of dedicated hardware.

Analytics Slideshow: 2010 Data Center Operational Trends Report
Analytics Slideshow: Data Center Operational Trends Report
(click for larger image and for full slideshow)
The main selling point of application front-end appliances is dedicated hardware for functions like load balancing or processing SSL and HTTP, so virtualizing them seems like it would defeat their very purpose. Yet most vendors offer their products as virtual appliances, and F5 on Monday announced a new architecture intended to make full use of virtualization. F5 said that version 11 of its BIG-IP system helps the data center dynamically adjust to different conditions, rapidly provisioning network services by instantiating them on virtual machines. Its security platform also includes new features that protect against Web 2.0 attacks.

F5 makes virtualization fit with dedicated hardware by recreating the entire virtualization stack, from hardware to hypervisor to OS to software. "The key to a dynamic data center is managing application infrastructure from a strategic point of control that makes sense," Alan Murphy, senior technical marketing manager at F5, said in an interview.

The core of the new platform is virtual clustered multiprocessing (vCMP), a technique that F5 said can aggregate all of the physical resources in a deployment into a single virtual pool. "Under the hood, vCMP is like a hypervisor," said Murphy. "But it's custom written for our traffic delivery system on our hardware." However, F5 is giving customers choice--or hedging its bets--by offering versions that run on standard VMware platforms too.

The virtualization theme also extends to security devices, which can be controversial. While sandboxing processes in virtual machines is a useful technique to improve security, many enterprise users are reluctant to run security appliances themselves in a virtual environment. F5 thinks this isn't a serious concern for most of its customers.

"Companies like VMware have done an excellent job in locking down the virtual appliance," Mark Vondemkamp, director of security product management at F5, said in an interview. "The latest version doesn't have any shell support at all." However, in common with other security vendors that have gone down the path of virtual appliances, F5 isn't abandoning physically isolated devices for people who need them.

In addition to thwarting Web 2.0 attacks based on AJAX and JSON, F5 is hoping to take advantage of Web 2.0's social features through a community development site for iRules, the programmable filters used to customize the BIG-IP. Vondemkamp gave an example of a recent DDoS attack that used a botnet to exploit flaws in several of its customers' servers. "Our customers and community were able to write an iRule and load that on the box in near real time," he said. As a result, the F5 box was able to mitigate the attack even without patching the underlying flaw.

The updated software also includes some of F5's own analytics software. The vendor said it is in an ideal position to monitor traffic trends for functions such as business intelligence and capacity planning because its appliances already see nearly all traffic entering a data center and inspect it to route it appropriately and monitor for attacks. The box can collect multiple statistics of both users and the servers they are accessing, including latency, throughput, IP address, virtual server, and geographic location.

You can't afford to keep operating without redundancy for critical systems--but business units must prioritize before IT begins implementation. Also in the new, all-digital InformationWeek SMB supplement: Avoid the direct-attached storage trap. Download it now. (Free registration required.)

Comment  | 
Print  | 
More Insights
2014 Private Cloud Survey
2014 Private Cloud Survey
Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.