TrustRadius: an HG Insights company

F5 BIG-IP DNS

Score9.2 out of 10

35 Reviews and Ratings

Get a Demo

What is F5 BIG-IP DNS?

F5 BIG-IP DNS (formerly BIG-IP Global Traffic Manager) secures DNS infrastructure.

Categories & Use Cases

Reviews

What users are saying about F5 BIG-IP DNS.
View all reviews

Your Request First Hop For Secure Scalable and Smart decision

Incentivized
Verified User
Engineer in Information Technology (51-200 employees employees)

Use Cases and Deployment Scope

-F5 BIG-IP DNS provides Global Server Load Balancing (GSLB), intelligently distributing client traffic across multiple data centers, such as primary (DC) and disaster recovery (DR) sites.
-Client side initiated requests are processed as DNS queries and directed to the appropriate data center, ensuring optimal performance, resilience and high availability.
-The system continuously performs health checks on destination servers in both DC and DR locations, routing traffic only to endpoints that are verified as healthy
-Also mitigates DDos attacks and malicious queries
-Directs client requests to nearest and optimal response data centers,
-Provides hybrid support in directing traffic between on prem and cloud hosted applications
-It also reduces a lot of manual man power by automatically failover and diverting the traffic without losing business
-F5 BIG-IP DNS works more robustly by integrating it with F5 BIG IP Advance firewall Manager as it allows to configure security profiles that provides more granular level of protection

Pros

  • Routing the traffic to multiple data centers deployed in different locations
  • Examines the servers health, performance metrics and do evaluation on the basis of geography as well to redirect queries to optimal destination
  • Provides rate limiting feature to mitigate DDos and DNS flood attacks
  • Best in routing the traffic to multiple clouds including on prem resources
  • Faster results of the queries and reduced latency is one of the biggest advantages of F5 BIG-IP DNS

Cons

  • Implementing iRules requires advanced expertise, and additional vendor resources or guidance would significantly ease adoption for clients
  • While the user interface is intuitive, many tasks demand extensive manual effort. Greater automation across both UI and CLI would reduce operational overhead and improve efficiency.
  • similar limitation is observed in BIG‑IP ASM, where analytics lack sufficient granularity to support detailed task execution and effective implementation planning

Return on Investment

  • Saved almost 1.2 million USD for one of critical activities as downtime could have posed this but due to failover based on health checks saved these bucks
  • Business impact which can be caused due to DDos attacks avoided
  • High cost licensing as mentioned earlier as well
  • Analytical limitations as F5 has also mentioned multiple it’s not an analytical tool

Usability

Alternatives Considered

IBM Security QRadar SIEM, Barracuda Email Protection, Barracuda Load Balancer ADC, Barracuda Web Security Gateway, Barracuda Application Protection, F5 BIG-IP Access Policy Manager (APM), F5 BIG-IP Local Traffic Manager (LTM), F5 Big-IP Advanced WAF, F5 Distributed Cloud WAF (Web Application Firewall) and F5 Distributed Cloud API Security

Other Software Used

IBM Security QRadar SIEM, Barracuda Application Protection, F5 BIG-IP Local Traffic Manager (LTM), F5 Big-IP Advanced WAF

F5 BIG-IP DNS Review

Incentivized
Verified User
Engineer in Information Technology (10,001+ employees employees)

Use Cases and Deployment Scope

We noticed lots of traffic, lots of users using the DNS over TLS, and then it was hard for us to allow it from the firewall perspective. We tried to block all of them, but we had to sit back and to make sure that we have another product as a DNS, F5 BIG-IP DNS. We were actually able to SSL decrypt all that traffic and then put all this model as a DOT or DOH, and to make sure that, to see all that traffic and then inspect, they call Bricken inspection. And we were able to analyze the data after the decryption and then make sure that we hid all this encrypted data behind the HTTPS and protected it for our corporate users.

Pros

  • I love this product, especially DoH because it's not able to do the same functionality in NextGen firewalls on our edge location because of the nature that integrated with the F5 BIG-IP, the V we provide for our external clients and we love it the most because it's, it's right in the same box, we use it and then we get the benefits out of the same big IP boxes, same VE boxes. And I think that's the only aspect we liked the most.

Cons

  • So far we liked it the most. In previous version, like the 15 we had very difficulty, but with the new version they brought it up. The 16.1, there was not any difficulty and I wish I see more view loggings, the log analytics from this. I would say that's the only thing, but the rest is been great since 16.1.

Return on Investment

  • Well, yes, I would say a big impact for ours. We were able to have more visibilities and trying to allow those traffic that we weren't able to see what is behind the scene and then reduce a lot of attackers. And then it led us to actually allow our clients freely using the DOT or DOH.

Other Software Used

Palo Alto Networks Next-Generation Firewalls - PA Series, F5 BIG-IP

F5 BIG-IP DNS Review

Incentivized
Verified User
Engineer in Information Technology (10,001+ employees employees)

Use Cases and Deployment Scope

Today we use it for Global Availability and HA across our multiple cloud regions and equinix facilities both internally and externally.

Pros

  • Being able to create topology load balancing is very easy and straightforward
  • It works really well to detect which region or state you are in to be able to load balance to the closest location

Cons

  • We struggle with the fact that F5 BIG-IP DNS uses the LDNS. Today we use infoblox and we are able to tag ECS data so that the F5 can see the true source of the client but it would be cool if somehow that would work without having to forward.
  • One thing that I also struggle with is the time stamps and adding new GTMS into the cluster. I have wiped out my deployment before because the timestamps we're wrong.

Return on Investment

  • It has created an easy environment for us to onramp and load balance based on region into our GCP instances. This provides a faster experience for our customers increasing sales.

Usability

Alternatives Considered

F5 BIG-IP Local Traffic Manager (LTM)

Other Software Used

Cisco Application Centric Infrastructure (Cisco ACI)

F5 BIG-IP DNS Review

Incentivized
Verified User
Engineer in Engineering (10,001+ employees employees)

Use Cases and Deployment Scope

We use F5 BIG-IP DNS for DNS resolutions. We used to have Infoblox for DNS queries and with Infoblox as our environment grew, there were resource issues. We had users complaining about DNS queries taking lot of time. With Infoblox, service used to restart nightly at 10pm. When we moved to F5 BIG-IP DNS, nightly restart was addressed.

Pros

  • DNS Caching
  • DNS Response Time
  • Stability

Cons

  • Instead of purchasing separate DNS appliance, would like to see a containerized LTM with DNS

Return on Investment

  • Service restart was addressed which we had with previous DNS solution

Usability

Other Software Used

F5 BIG-IP Local Traffic Manager (LTM), Unify GTM

F5 BIG-IP DNS Review

Incentivized
Verified User
Analyst in Information Technology (10,001+ employees employees)

Use Cases and Deployment Scope

It helps us complete a lot of the specific tasks, we have low balance surgeries you guys offer and stuff like that as well, as well as web application firewalls. It helps us with our daily tasks and things like that.

Pros

  • I would say the load balancers. I think the load balancer service is pretty good.

Cons

  • I don't have any areas of improvement. I'm pretty satisfied with the product so far.

Return on Investment

  • Helps us be more efficient, so I analyze data a lot. A lot quicker

Usability

Related Products

Products similar to F5 BIG-IP DNS that may also meet your needs.
All comparisons
NetScaler
CompareLearn more
BlueCat Edge
CompareLearn more
Akamai Edge DNS
CompareLearn more