F5 Reigns In Both Application Access And Remote Locations

Application delivery network vendor F5 has launched their new BIG-IP Edge Gateway appliance and their new Access Policy Manager module, as well as other upgrades as part of the 10.1 release of their BIG-IP software. Both products hope to highlight F5's focus on the network edge, not only managing control of web applications, but to optimize access to the data center no matter where that access originates.

Similar to its recent updates of its security modules, F5 is leveraging the inclusion of Quova's IP location database into the core of its TMOS operating system in its traffic management modules. The security modules track where a particular threat is coming from, and the Local Traffic Manager (LTM) uses location data to direct users to their nearest data center. The benefit of this is clear: spreading out the traffic load while minimizing the distance between the user and the application.  

The BIG-IP Access Policy Manager moves the authentication and access control policies out of the hands of dedicated proxy servers or server agents and on to the applications already touching every packet coming in from the outside world. Policy Manager provides a consolidated source for access policy management with an interface similar to F5's iRules to enable administrators to build custom polices.  F5 suggests that by leveraging its BIG-IP appliances to handle both load balancing and authentication, customers can realize significant savings in both capital and operational expenses, with a higher level of scalability. Access Policy Manager is the framework that drives the previously announced integration with Oracle Access Manager.

Finally, the new BIG-IP Edge Gateway leverages the same range of appliances as the rest of the BIG-IP family, but is focused on remote sites. The new line pulls together SSL VPN, application acceleration and symmetric WAN optimization with a promise of LAN-like application performance for far-flung users.  For truly mobile workers, F5 also offers a new BIG-IP Edge client, which pulls VPN access and acceleration into a single user client. The new gateway also takes advantage of the geo-location functionality in TMOS to redirect remote users to the Edge Gateway nearest to them, not only minimizing the number of hops a user has to take to get back to the data center, but also leveraging the symmetric optimizations of the BIG-IP appliances in between to speed up the connection.

Multi-function clients are making a comeback as enterprise employees become globally dispersed, and IT needs to deliver the same level of performance for users, no matter where they are. The BIG-IP Edge Gateway is another indication that multi-function clients are here to stay. Bluecoat's ProxyClient software, which debuted in January 2008, performs application acceleration, access contol and web filtering, was one of the first multi-function clients to be released. Juniper Networks integrated their WXC client with their SSL VPN client for indentity based SSL VPN, WAN optimization and acceleration, firewall, host IDS/IDP and network access control. However, those features required multiple devices for nearly every major function.