Increasing data traffic and cybersecurity risks are real challenges facing almost every company right now. However, their causes are not specific to any one field of activity. Accelerating digitization of business processes, a growing number of applications and devices, the move to multi-cloud, and the adoption of hybrid work are becoming standard developments in the current context.
However, the speed of these changes makes hardware platforms age very quickly. For this reason, many organizations currently own and operate equipment that limits the performance and availability of applications. Moreover, such equipment creates vulnerabilities, generates high operating and maintenance costs, and blocks development because legacy equipment does not support next-generation software solutions, hybrid multi-cloud architectures, or containerization technologies.
Competitive advantages obtained by using F5 VELOS
To overcome these challenges, Datanet specialists recommend using F5 VELOS, an Application Delivery Controller (ADC) appliance. The equipment allows companies to run multiple applications in the BIG-IP traffic management and security suite on a single chassis, on which multiple partitions can be made. The new hardware solution from F5 supports the entire BIG-IP portfolio:
- BIG-IP Local Traffic Manager (LTM)
- BIG-IP DNS
- BIG-IP Advanced Firewall Manager (AFM)
- F5 Advanced Web Application Firewall (Advanced WAF)
- BIG-IP Access Policy Manager (APM)
- BIG-IP IPS
- IP Intelligence and Geolocation.
VELOS comes with the new F5OS software platform, which uses KubeVirt technology to run and manage virtual machines (VMs) as separate instances in a Kubernetes cluster. With KubeVirt, VELOS enables a multi-tenant architecture in which multiple instances of BIG-IP solutions run as VMs in containerized environments. As an immediate advantage of this approach, VELOS simplifies the migration (as “Guest” or “Tenant”) of existing BIG-IP solutions, without the need to change their configurations or how they are managed.
The hardware solution from F5 stands out with several competitive advantages:
• Advanced chassis partition protection
VELOS provides advanced security and management capabilities through chassis partitioning, which allows tenants to be physically isolated. With this method, a tenant running on one partition has access only to the physical network in that partition, not to the networks in other partitions.
Administrators can isolate each chassis partition or group them to form larger partitions or multiple clusters on a single chassis. VELOS also isolates partitions by controlling administration rights: access to each partition requires authentication and assigned rights, so an administrator of one partition cannot access another. Each partition can also be assigned its own user group, with access (local or remote) allowed only to its members.
For additional security, chassis administrators can access VELOS controllers through separate communication channels (out-of-band interfaces). The F5OS software platform is completely isolated from in-band traffic and VLANs: no in-band IP addresses are assigned to system controllers or partitions, only to tenants.
• Top-level hardware security and availability
F5 VELOS complies with the specifications of version 2.0 of the Trusted Platform Module (TPM) (ISO/IEC 11889) and uses a dedicated hardware security microcontroller. Additionally, VELOS uses the Linux Trusted Boot (tboot) method and Intel TXT technologies. The TPM chip monitors a number of key parameters, such as BIOS code and settings, TPM settings, tboot, the Linux initial RAM disk (initrd), and the Linux kernel, to detect and signal anomalies that may occur when the machine starts up. The device also uses Intel’s new generation of Field-Programmable Gate Array (FPGA) chipsets, which integrate natively with proprietary F5 technology from the Traffic Management Operating System (TMOS). TMOS is a suite of operating systems and firmware running on BIG-IP physical or virtual equipment, and by integrating with F5OS and FPGA, it offers superior levels of performance in the areas of:
- Traffic decryption and compression (SSL offload),
- Protection against SYN Flood attacks,
- Hardware detection and remediation of over 100 types of DoS and DDoS attacks.
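The start-up anomaly detection described above rests on the TPM's extend operation, in which each boot component is hashed into a register before it runs. As an added illustration (not F5 code; the stage contents, the reference chain and the all-zero starting register are constructed assumptions), this Python model shows how a change to any measured component yields a different final value and how a per-stage log locates it:

```python
import hashlib

# Boot stages named in the text above; the byte strings are constructed
# stand-ins for the real firmware and file contents.
GOLDEN_CHAIN = [
    ("bios", b"bios code and settings v1"),
    ("tboot", b"tboot image v1"),
    ("initrd", b"initial ram disk v1"),
    ("kernel", b"linux kernel v1"),
]

def extend(pcr: bytes, data: bytes) -> bytes:
    """TPM 2.0 extend: new PCR = SHA-256(old PCR || SHA-256(data))."""
    return hashlib.sha256(pcr + hashlib.sha256(data).digest()).digest()

def measure_chain(chain):
    """Return the final PCR value and a per-stage event log."""
    pcr = bytes(32)  # assumption: the register starts at all zeros
    log = []
    for name, data in chain:
        pcr = extend(pcr, data)
        log.append((name, hashlib.sha256(data).hexdigest(), pcr.hex()))
    return pcr, log

def first_divergence(golden_log, observed_log):
    """Name the first stage whose measurement differs from the reference."""
    for (name, g_digest, _), (_, o_digest, _) in zip(golden_log, observed_log):
        if g_digest != o_digest:
            return name
    if len(golden_log) != len(observed_log):
        return "chain-length"
    return None

def verify_boot(observed_chain):
    """Compare a boot's final PCR with the reference; report where it broke."""
    golden_pcr, golden_log = measure_chain(GOLDEN_CHAIN)
    pcr, log = measure_chain(observed_chain)
    if pcr == golden_pcr:
        return True, None
    return False, first_divergence(golden_log, log)

if __name__ == "__main__":
    tampered = list(GOLDEN_CHAIN)
    tampered[2] = ("initrd", b"initial ram disk v1 (modified)")
    print(verify_boot(GOLDEN_CHAIN))
    print(verify_boot(tampered))
```

Because each value folds in the previous one, the final register depends on both the content and the order of every stage, so a single comparison covers the whole chain.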
To ensure superior availability, VELOS uses a redundant system of controllers and resources. Each blade has two interfaces, which are connected to separate controller systems. Chassis configuration data on one controller is automatically duplicated on the second (configurations, licenses, orchestration information, authentication data, etc.) to simplify the administration effort.
Also, each physical component (power supply, fans, etc.) is duplicated so that the system can keep operating without interruption in case of an event and without the need to restart it. At the same time, blades can be replaced or added without stopping the equipment and without affecting user activity or the performance of the hosted applications. N+N scenarios are also possible, with other VELOS chassis taking over the tasks.
• Simplification of configuration, management, and automation process
Partition administrators can configure the network infrastructure for each blade in the partition (interfaces, VLANs, etc.), manage the lifecycle of each tenant, and assign privileges to access partitions. In turn, tenant administrators are responsible for configuring services at the tenant level and have access to the functionality of each BIG-IP instance.
To reduce operational effort, VELOS allows the use of the F5 Automation Toolchain suite, a set of software tools that simplifies the development and configuration of security and workflow automation services. Automation Toolchain reduces errors in creating workflows, increases their development speed, and facilitates their reuse.
Multiple savings opportunities by using F5 VELOS
F5 VELOS works as a bridge between traditional and modern architectures, allowing companies to achieve CapEx savings and meet the security requirements imposed by different working scenarios and areas of activity. Using F5’s next-generation hardware solution, organizations can improve the performance and availability of applications and services, benefiting from advanced management and security features. The API-first architecture gives customers of BIG-IP solutions an easy migration path for F5 applications, simplifying their management and automation. Together with F5OS, the hardware platform ensures better use of resources, supporting the creation of multiple clusters through the new chassis partitioning method.
VELOS facilitates the creation of multiple levels of protection and offers advanced hardware security capabilities, which can be combined with the capabilities of BIG-IP solutions to improve the protection of business processes, secure access control, and isolate networks.
Datanet Systems is one of F5’s main local partners, with advanced system integrator and critical infrastructure capabilities. Our company can provide full services for the implementation, configuration, customization, and automation of VELOS equipment, as well as support for the migration of BIG-IP applications.
For more technical and commercial information about the F5 VELOS solution, as well as about the Datanet Systems services, contact us at sales@datanets.ro.