F5 BIG-IP software from Seattle-based F5 Networks is a load balancing and application protection solution suite available on cloud or via virtual editions, on a subscription or perpetual licensing basis.
N/A
F5 BIG-IP SSL Orchestrator
Score 8.7 out of 10
N/A
F5 Networks provides the SSL Orchestrator, a high-performance decryption, analysis, and re-encryption tool for SSL/TLS traffic across the network to locate threats or data exfiltration efforts concealed in encrypted traffic.
Definitely in larger environments, more mature organizations that obviously have the budget to spend and want best in class. Where it struggles is those organizations that don't have the funding and money to spend on it and need more basic functionality. So I'd say that's smaller customers we've worked with and kind of mid-market. They tend to get scared when they get the quotes. Also we've had some struggles with account team consistency. So for the sales team, just a lot of turnover and a lot of missteps on customer calls.
F5 SSL Orchestrator is an ideal software to address the blind spots of the encryption of incoming and outgoing traffic, this is because it provides a high visibility of the traffic. By having a management based on policies allows to carry out a simpler management and obtain a more integration easy with existing infrastructures. It is ideal for reducing costs as it allows the creation of dynamic devices, thereby evaluating whether the traffic should be decrypted or not.
I mean from a basic level, it actually satisfies all the use cases we have, which is basically to have multiple web servers for the front end and then you want that to be equally split across. The traffic comes in from all over the world. We use DRA protection and everything, but then we also internally want to make sure all the servers are being utilized and we provide much more availability across all servers. We just make sure BIG-IP sits in between and handles the traffic accordingly. And it's pretty basic and it comes to drawing traffic. It's pretty easy to configure and set it up and then forget.
Recently we have been deploying F5 web application firewall and we have started the deployment. We have already moved applications out there, but we are not yet to the point wherein I could comment any positive feedback or any negative feedback because we are still going through it, right. But as far as I'm concerned, I don't see any drawbacks or any shortcomings on the F5 product lineup.
It is a software with a somewhat complex documentation so when you are in doubt it is difficult to solve it through its documentation.
A good knowledge is required in the management of the software, because although its implementation is flexible, carrying it out in the appropriate way guarantees good operation.
Its price can be somewhat high if it is a small company, however considering its high versatility the investment is worth it.
Learning curve somewhat steep, but you can count on the support of your support team.
It's not difficult to understand the parts of application configurations and features. Setting up new virtual servers with multiple profiles, certificates, and nodes is easy for new users through the web interface, which also translates to programability in scripts, DevOps, or other configuration management use-cases. Users from different backgrounds such as networking and infrastructure can use F5 BIG-IP, while users who are familiar with API calls can easily configure objects without needing to understand the platform at all.
On the occasions when we've had to engage f5 support, they have been great. They have always resolved our issues quickly and been easy to work with and professional. The reason I give them a 10 out of 10, however, is because when we've had issues that have crossed over between the f5 BIG-IP, our Cisco switches, and our Microsoft IIS server the f5 support representatives have been extremely knowledgeable about every product and device involved and have been able to troubleshoot end-to-end without having to engage other vendors.
That's the one thing that really stood out. It was a lot easier to use from an administrator standpoint, so I think that's the one thing that really made our team decide to go with this product versus another competitor. Just ease of use.
OpenSSL is a simple software to use, with a complete documentation and an easy installation and ideal for encrypting and decrypting and making certificates, however F5 SSL Orchestrator can be implemented in different ways, it provides a high visibility of the traffic which does not miss any threat It wants to hide in encrypted traffic, but its biggest advantage is that it helps to better manage and does not provide static but dynamic devices so it is possible to decrypt once or encrypt once, it is for all these powerful features that F5 SSL Orchestrator was chosen.
By providing a high vision of inbound and outbound traffic, we manage to avoid the entry of threats and the exposure or loss of data from our business infrastructure.
Its policy based management is very helpful, since it is much simpler to manage SSL traffic and to be aware of any attack coming from it and to apply security controls to all business traffic.
