F5 states that the "brain" of the BIG-IP platform, Local Traffic Manager (LTM) intelligently manages network traffic so applications are always fast, available, and secure.
N/A
HAProxy Community Edition
Score 9.4 out of 10
N/A
HAProxy Community Edition is a free, open source reverse-proxy offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is presented as suited for very high traffic web sites.
I mean the only reason we changed away from it was price and it just simply had to do with the licensing that Citrix was offering on the NetScalers. They had basically an all you can eat consumption license that we were easily inside of with all of our VDI usage, whereas with F5 we had to buy the hardware and we had to license the software. Any place you need to actually do traffic balancing at scale, it's a fantastic product. I couldn't recommend it highly enough. There's just some things that hardware SSL offload and hardware load balancing just simply can't be equal that I don't know if there's a better product on the market for that.
It prevents a single server failure from being a downtime event by adding redundancy to every layer of your architecture. A load balancer facilitates redundancy for the backend layer (web/app servers), but for a true high availability setup, you need to have redundant load balancers as well. So it is well suited for all production related servers and less suited for individual servers that do not require redundancy.
Sure. It does load balancing fantastically. I mean, it's an industry standard product for that. We also use it for TLS offload for applications. Those are the two main use cases for that. We do also use some of the I rules for traffic filtering. We've used that in some of the external facing services. It does a really nice job with that. It's a little bit complicated sometimes and some of the Cipher Suite stuff is interesting.
Some of the stuff you have to dive into the CLI to really use, I'm going to reach back to the previous employer for this. So I had a much greater degree of involvement with it at that point in time for, I was the crypto guy at the company and I had to design all the cipher suites that we actually implemented on our front end banking products. So in order to do that, I had to dive into it, download all the Cipher suites, figure out the actual order of operation for them, how they were selected because I wanted to design the Cipher Suites to actually provide a specific customer experience for the types of connections that our customers were likely to initiate. Getting at that information was a giant PITA. It was poorly documented at the time. I'm not sure if it's documented any better now. Every time the software changed or got upgraded, made your version, I'd have to do it all over again because the upgrades to the stack, which looked like it was based on open SSL, but it was heavily modified with a different syntax. Oh yay. That's fun too. So I had to write giant documents describing all of the ciphers that I was designing for this because it just kept changing all the time. So I didn't care for that aspect of it. Traffic management does a great job for that.
A few, rare times each year, HAProxy CPU utilization spikes to 100% and server has to be rebooted - this may be related to HAProxy OR it could be an external factor causing this.
F5 has always been one of the best products we have in the data center. We had few issues with the BUG and Code upgrades but the main use cases for F5 was always top notch. From High availability to Globally load balancing applications across multiple data centers and muti cloud environments.
F5 BIG-IP Local Traffic Manager is very easy to use. Building each application is straightforward forward and the help function and now with the new AI assistant soon to be available, it is going to be easier than ever to be able to understand and implement each application.
It is very easy to use. I was able to find a lot of documents for it on the internet. Very good community support. There are lots of examples available to try. We mostly use a command-line user interface to interact with it. The CLI is also super easy to use and very easy to interact with
We haven't used customer support. We mostly used the community version. We build a multi-node HAProxy cluster with HA to the proxy itself using opensource plugins available. With the support available on the internet and the documents available we don't need to use much customer support.
F5 is doing its specialized function. There is no other product that can beat them. We are extremely happy with the product. Especially on load balancing, traffic redirecting TLS encryption, and SNI modification. We will continue to explore F5's product, especially on the public cloud side. e.g. NGINX.
We chose HA Proxy because it is cheaper than a hardware balancer, it is an open-source solution with a large community behind it and with constant updates. It also allows custom scripts according to needs.HA Proxy is a solution used in many internet sites like GitHub, Reddit, Twitter, and Tuenti.
Significantly lower investment vs competitors. In the case of F5s we have Virtual Editions so we're paying for the hardware to run it on top of the several thousand dollar licenses that are required for each pair and we currently have a pair of F5s per client so there's a huge potential for cost savings there.
Requires our network engineers to learn a new skill or our Systems engineers to take on the responsibility of managing the load balancers. It's not a huge difference either way, but it does impact the way we have done business in the past.
