Zurien Blog

This technology is very close to my Corazon (Heart), This is F5! It’s not the fighter jet nor the finishing move of your favorite wrestler. You won’t find any platform that can do many things such as networking, server/linux, load balancing, application controller and under security this is a mix of the DoS/DDoS protection, Web Application Firewall (WAF), Data Center Firewall, VPN, Access Policy and many more. It’s also expensive. It’s the Ferrari of network and security appliances. We’re going to talk about the company as well as their products such as F5 BIG-IP and NGINX. Yes! Not too many people are aware F5 is the mother company of NGINX. For those who are new to this channel, Welcome! I am your host, name is Dean Armada and I am your Cloud and Data Center Rockstar and on this channel, we talk about tech careers and certifications, trivia and tutorials in cyber security, trivia and tutorials in Cloud and Data Center and my journey as an I.T instructor so feel free to check out the rest of the channel and consider subscribing!

F5 networks it’s a technology company based in Seattle, Washington. Their main product is F5 BIG-IP, which is categorized as application delivery controller and application security solutions. Before, the company was only offering intelligent load balancing and Application Delivery Controller (ADC) solutions but later expanded providing application and security services as well.

History
Originally named F5 Lab but rebranded as F5 networks in 1996. F5 labs is still used as a portal dedicated for gathering threat intelligence data and providing application security reports as well. F5 BIG-IP was first launched in 1997 and before it wasn’t that intelligent is only doing a little better with more features than the DNS Round Robin but in 2004, F5 released BIG-IP version 9.0 and this is when they introduce TMOS architecture this is when intelligent load balancing and application delivery controllers started. In 2019, the company purchased NGINX which is popular as web server software. And in 2021, F5 introduced Next Generation F5 BIG-I{ platforms, these are r-Series and Velo chassis. This replaces both i-Series and the VIPRION models.

F5 Products and Solutions

F5 BIG-IP is the platform, it runs TMOS Operating System which includes Linux. It can be implemented as a hardware, virtual machine (VM) or cloud appliance. We use software modules and this is required to enable solutions you want to enable such as load balancing capabilities, for this you need to activate Local Traffic Manager (LTM). If you want to enable global load balancing capabilities, you need to activate DNS (formerly known as GTM). If you want to enable DDoS and Data Center Firewall, you activate Advanced Firewall Manager (AFM). If you want to enable Web Application Firewall (WAF), you can enable Application Security Manager (ASM), but ASM is already retired, its not rebranded as Advanced Web Application Firewall (AWAF). F5 big ip always been the leader in Application Delivery Controller (ADC) solutions. Other f5 solutions we have is F5 Silverline, it’s the f5 cloud-based Web application Firewall (WAF with) DoS/DDoSC protection. We also have NGINX which is a web server but it can also do load balancing, SSL offload and many others. It’s free, open source and it’s actually more popular than F5 BIG-IP because it’s more commonly used in cloud and application development. Enterprise version is available for bug fixes and better support. The company also acquired shape security in January of 2020, it’s an AI-based bot detection. They also acquired Volterra in 2021, they provide SaaS security services. F5 integrated the two as a new product built in F5 BIG-IP platform and part of the F5 Distributed Cloud (XC) services and this includes API security, Bot Defense, account protection and many more.

F5 BIG-IP Solutions
Here’s how powerful F5 BIG-IP is, you probably seen this huge racks consists of hundreds if not thousands of servers in data centers. The question is, are client/users sends requests and connects to those servers? The answer is “NO”, client sends requests to the application delivery controller or our F5 BIG-IP. Servers are just behind Application Delivery Controller (ADC). ADC offloads many things from SSL/TLS, caching, secure inspection and many others. F5 BIG-IP is a device fluent up to the application layer. It can easily inspect security at Layer 7 (OSI) such as WEB, DNS and many more. You always see F5 BIG-IP deployed in a large data center networks and it can also be deployed in both private and public cloud. How about NGINX? Is an application controller with load balancing features it’s considered less intelligent because it has less application security features such as Web Application Firewall (WAF) but it’s more commonly used in cloud deployments.

Why you need to learn F5?

Here is the reason why you need to learn F5? For starters F5 BIG-IP skills is very in demand in large companies. 48 out of fortune 50 uses F5 BIG-IP. As a data center network engineer, managing switches are okay but the real deal, the real action is via Application Delivery Controller. For security professionals, it is highly recommended to learn DDoS protections and Web Application Firewall(WAF) solutions and lastly, more money! F5 BIG-IP is a high performance and expensive device. Here is an analogy, who do you think earns more money? The guy who is certified and specializing/maintaining Ferraris or the guy who claims he can maintain all common brands of cars of course not including Ferrari.

F5 Certifications

We have 3 levels – Administrator. Specialist and Expert. For the Certified Administrator, you need to pass F5 exam 201. For Certified Technology Specialist (CTS), we have multiple exams (LTM, DNS, ASM, APM) and this are the 300 levels. And, we also have the Expert level, the Certified Solution Expert (CSE), we have two (Cloud and Security) 400 level exams. There is an Entry Level exam which is F5 Exam 101, you wouldn’t get any certifications when you pass this but you would be eligible to take F5 200 level exams. If you pass 201 you will be eligible to take 300 level exams. For 401, it requires CTS in LTM, ASM and APM and if you want to take the 402 exams it requires CTS in LTM and DNS only. I don’t know anyone who is an F5 Certified Technical Professional (CTP) or those who pass F5 202 exam. It’s just not too popular and I think soon F5 will retire this certification. I think its better to add NGINX certifications, introduce NGINX in 101. Replace 202 or add 203 as Certified NGINX Administrator. For Certified Technical Specialist (CTS), add 305 and 306. It would be like NGINX Wweb and NGINX DevOps Certifications and I guarantee you there would be more interest taking those certifications.

Click below to access the video version and consider subscribing:

.

Leave a Reply

Your email address will not be published. Required fields are marked *