F5 BIG-IP DNS (formerly BIG-IP Global Traffic Manager) secures DNS infrastructure.
N/A
HAProxy Community Edition
Score 9.3 out of 10
N/A
HAProxy Community Edition is a free, open source reverse-proxy offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is presented as suited for very high traffic web sites.
Less appropriate: - Not best bet for startup’s as their budget is always tight - Not good for those companies where the engineers are not highly skilled otherwise the use Irules and security policies will not be utilised in optimal manner as it requires more cpu resources to work especially irules - For companies fully on cloud doesn’t best fit as I already highlighted cloud require more improvements when it comes to seamless performance Best Suited -Large enterprise companies where budget is not an issue - Companies whose traffic Rate Per Second is very high as it can handle huge RPS without latency - Companies whose business is surely depends on their availability
It prevents a single server failure from being a downtime event by adding redundancy to every layer of your architecture. A load balancer facilitates redundancy for the backend layer (web/app servers), but for a true high availability setup, you need to have redundant load balancers as well. So it is well suited for all production related servers and less suited for individual servers that do not require redundancy.
I love this product, especially DoH because it's not able to do the same functionality in NextGen firewalls on our edge location because of the nature that integrated with the F5 BIG-IP, the V we provide for our external clients and we love it the most because it's, it's right in the same box, we use it and then we get the benefits out of the same big IP boxes, same VE boxes. And I think that's the only aspect we liked the most.
I'd like to see better reporting capabilities on the decision-making process for DNS resolutions. Currently there are plenty of log messages for that, but I'd like to see tighter integration into the GUI.
It could be an improvement to better discriminate features intended for AA vs LDNS functionality within the GUI.
A few, rare times each year, HAProxy CPU utilization spikes to 100% and server has to be rebooted - this may be related to HAProxy OR it could be an external factor causing this.
We use this heavily and it is one of the best products out there for this type of use case. We already have LTMs and to leverage GTM on top of that is just a piece of cake. Everything is so well integrated its amazing
Most important usability of F5 BIG-IP DNS is it’s stability which other vendors lack -As mentioned earlier as well, it’s scalability is humongous as it can honour millions of request per second without latency - irules feature makes it top and worthy to fight with top contenders like cloudflare and Cisco - Moreover it’s stable even when the Rate Per second is high and at the same time, DDos occurs - Interface is user friendly for simple tasks but requires more manual work - TAC should provide more assistance when it comes to normal support as well but they do offer professional support license for tasks which other vendor assist on normal license as well
It is very easy to use. I was able to find a lot of documents for it on the internet. Very good community support. There are lots of examples available to try. We mostly use a command-line user interface to interact with it. The CLI is also super easy to use and very easy to interact with
We haven't used customer support. We mostly used the community version. We build a multi-node HAProxy cluster with HA to the proxy itself using opensource plugins available. With the support available on the internet and the documents available we don't need to use much customer support.
As I mentioned, the GSLB capability, being able to do intelligent DNS by having access to monitor specific endpoints associated to my current BIG-IP infrastructure, I believe that brings a huge value, then combine fast responses and security.
We chose HA Proxy because it is cheaper than a hardware balancer, it is an open-source solution with a large community behind it and with constant updates. It also allows custom scripts according to needs.HA Proxy is a solution used in many internet sites like GitHub, Reddit, Twitter, and Tuenti.
Well, yes, I would say a big impact for ours. We were able to have more visibilities and trying to allow those traffic that we weren't able to see what is behind the scene and then reduce a lot of attackers. And then it led us to actually allow our clients freely using the DOT or DOH.
Significantly lower investment vs competitors. In the case of F5s we have Virtual Editions so we're paying for the hardware to run it on top of the several thousand dollar licenses that are required for each pair and we currently have a pair of F5s per client so there's a huge potential for cost savings there.
Requires our network engineers to learn a new skill or our Systems engineers to take on the responsibility of managing the load balancers. It's not a huge difference either way, but it does impact the way we have done business in the past.
