F5 states that the "brain" of the BIG-IP platform, Local Traffic Manager (LTM) intelligently manages network traffic so applications are always fast, available, and secure.
N/A
NGINX
Score 9.2 out of 10
Mid-Size Companies (51-1,000 employees)
NGINX, a business unit of F5 Networks, powers over 65% of the world's busiest websites and web applications. NGINX started out as an open source web server and reverse proxy, built to be faster and more efficient than Apache. Over the years, NGINX has built a suite of infrastructure software products o tackle some of the biggest challenges in managing high-transaction applications. NGINX offers a suite of products to form the core of what organizations need to create…
I mean the only reason we changed away from it was price and it just simply had to do with the licensing that Citrix was offering on the NetScalers. They had basically an all you can eat consumption license that we were easily inside of with all of our VDI usage, whereas with F5 we had to buy the hardware and we had to license the software. Any place you need to actually do traffic balancing at scale, it's a fantastic product. I couldn't recommend it highly enough. There's just some things that hardware SSL offload and hardware load balancing just simply can't be equal that I don't know if there's a better product on the market for that.
Nginx is well-suited for any web server scenarios, such as web applications, backend or reverse proxy for both application and HTTP requests, and distribution. It is less appropriate for Windows-based applications that run directly on a Windows Server host. In any case, it is very easy to manage, through separate conf files for each application or site you want to host with it.
Sure. It does load balancing fantastically. I mean, it's an industry standard product for that. We also use it for TLS offload for applications. Those are the two main use cases for that. We do also use some of the I rules for traffic filtering. We've used that in some of the external facing services. It does a really nice job with that. It's a little bit complicated sometimes and some of the Cipher Suite stuff is interesting.
Some of the stuff you have to dive into the CLI to really use, I'm going to reach back to the previous employer for this. So I had a much greater degree of involvement with it at that point in time for, I was the crypto guy at the company and I had to design all the cipher suites that we actually implemented on our front end banking products. So in order to do that, I had to dive into it, download all the Cipher suites, figure out the actual order of operation for them, how they were selected because I wanted to design the Cipher Suites to actually provide a specific customer experience for the types of connections that our customers were likely to initiate. Getting at that information was a giant PITA. It was poorly documented at the time. I'm not sure if it's documented any better now. Every time the software changed or got upgraded, made your version, I'd have to do it all over again because the upgrades to the stack, which looked like it was based on open SSL, but it was heavily modified with a different syntax. Oh yay. That's fun too. So I had to write giant documents describing all of the ciphers that I was designing for this because it just kept changing all the time. So I didn't care for that aspect of it. Traffic management does a great job for that.
Customer support can be strangely condescending, perhaps it's a language issue?
I find it a little weird how the release versions used for Nginx+ aren't the same as for open source version. It can be very confusing to determine the cross-compatibility of modules, etc., because of this.
It seems like some (most?) modules on their own site are ancient and no longer supported, so their documentation in this area needs work.
It's difficult to navigate between nginx.com commercial site and customer support. They need to be integrated together.
I'd love to see more work done on nginx+ monitoring without requiring logging every request. I understand that many statistics can only be derived from logs, but plenty should work without that. Logging is not an option in many environments.
F5 has always been one of the best products we have in the data center. We had few issues with the BUG and Code upgrades but the main use cases for F5 was always top notch. From High availability to Globally load balancing applications across multiple data centers and muti cloud environments.
I am very comfortable with this product not only configuring it but automating it as well. There are not many configurations or situations where I do not know how to implement it on the device. I find it straightforward and easy to use.
This tool is really easy to use and configure. Consumes very less system resources. It is highly modular and configurable. You can easily use it with other tools like certbot for SSLs. You can configure basic security with configuration and headers
Community support is great, and they've also had a presence at conferences. Overall, there is no shortage of documentation and community support. We're currently using it to serve up some WordPress sites, and configuring NGINX for this purpose is well documented.
F5 is doing its specialized function. There is no other product that can beat them. We are extremely happy with the product. Especially on load balancing, traffic redirecting TLS encryption, and SNI modification. We will continue to explore F5's product, especially on the public cloud side. e.g. NGINX.
I have found that [NGINX] seems to perform better throughout the years with less issues although I've used Apache more. I would definitely recommend [NGINX] for any high volume site and I've seen this to usually be the case from most provided web hosts who will pick [NGINX] over alternatives
It has allowed us to let application developers know that the issues are with their application and not due to the network, because of where it sits. This has been invaluable when troubleshooting issues when they arise. Knowing whether or not traffic is even hitting the F5 BIG-IP Local Traffic Manager (LTM), either ingress or outgoing. If the Dev's information is not even making it to the F5 BIG-IP Local Traffic Manager (LTM), we can quickly tell them and let them figure the issue out on their own, saving the rest of the Network Team from getting that 2am call.
By using Nginx, we can host multiple web services on a single server, keeping our infrastructure costs lower.
Nginx maintains our HTTPS connections, allowing us to keep our promise to our customers that their data is safe in transit.
Due to Nginx's extremely low failure rate, our web addresses always return something meaningful, even when individual services go down. In sense, this means we are "always online" and allows us to maintain brand and support our customers even in the face of catastrophe.
