F5 Big-IQ License
F5 Big-IQ License
F5 Big-IQ is provides a unified point of visibility and control for your entire F5 portfolio, ensuring your finger remains on the pulse of F5 devices, modules, and licenses and enabling you to deliver optimal application availability, performance, and security. BIG-IQ supports F5 BIG-IP® end-to-end, including: BIG-IP Virtual Editions (VEs); BIG-IP Per-App VEs; BIG-IP iSeries® appliances, and; the F5 VIPRION® platform. BIG-IQ manages policies, licenses, SSL certificates, images, and configurations for F5 appliances and for the following F5 License modules:
Features of BIG-IQ
FLEXIBLE AND UNIFIED MANAGEMENT BIG-IQ
saves you time and money by providing a single point of management for all your BIG-IP devices—whether they are on premises or in a public or private cloud. It can manage any physical or virtual BIG-IP device so long as it can establish layer 3 connectivity for management, either by GUI or through APIs. You can run BIG-IQ on AWS and Microsoft Azure and in most private cloud architectures. To further simplify and clarify app management, BIG-IQ represents multiple application services that support an app as a single entity. By combining services into a single application, you can visualize and manage the aggregation of these services to get a full view across multiple environments, tiers, or geographies. Yet, you can still drill down to view the individual services for more specific insights into performance and analytics. BIG-IQ supports the creation, visibility, and management of applications deployed across multiple devices, clouds, and data centers. This allows for enhanced management capabilities of all DNS, TCP, and HTTP instances of an application deployment, including those configured with the Application Services 3 Extension (AS3). The system administrator can specify user access and management permissions to these application deployments. BIG-IQ helps teams align to the flexibility of cloud with its deep visibility into applications health and performance as well as simple, unified operations—enabling you to make data-driven decisions and quickly respond to changes in application environments which are extremely variable.
ROLE – BASED ACCESS CONTROL Operating at the speed of innovation requires every person within an organization to do their job and do it effectively. That’s why role-based access control (RBAC) is so critical, not only for security purposes but also for doing things efficiently day to day. BIG-IQ supports fine-grained, highly customizable RBAC, enabling security and application teams to manage their own application services, policies, and configurations without depending on network administrators. Use the predefined roles and permissions configurations in BIG-IQ, or create your own, to manage who can see application dashboards and to edit and deploy services and policies for application delivery and security. You can associate roles with local users and groups, or other users and groups from remote Active Directory (AD), TACACS+, RADIUS, or LDAP servers. Additionally, as F5 releases new versions of BIG-IQ, RBAC will be extended to more workflows, dashboards, logs, and reports—ensuring every f5 Big-IQ virtual License user has appropriate visibility into and control of their portion of the application.
CENTRALIZED ANALYTICS LOGS, DASHBOARDS, AND AUDITING
BIG-IQ is a single, end-to-end solution for analyzing the health, performance, and availability of your F5 application delivery and security portfolio in any environment. It provides detailed analytics, logging, and auditing across devices, services, and the applications they support making it easy to ensure consistency across hybrid and multi-cloud deployments and simplify the troubleshooting process if something goes wrong.
This holistic view is powered by deep, application-centric analytics. BIG-IQ’s Data Collection Devices collect the analytics. Data Collection Devices are a no-cost, no-license component of the BIG-IQ solution. Once health and performance metrics are captured via Data Collection
Device, they are displayed on BIG-IQ’s highly customizable dashboards that can:
- Show a high-level “at-a-glance” status and analytics
- Provide deep application- and role-specific views of app health and performance
- Offer insights into security status, server-side roundtrip time, specific browser performance, and many other helpful metrics
- Extend visibility, analytics, and basic configuration controls to legacy app services(those deployed without a template or using BIG-IQ)
SECURITY AND ACCESS MANAGEMENT
BIG-IQ provides policy deployment, access, and administration management for organizations securing their applications and their networks with BIG-IP ASM, Advanced WAF, SSL Orchestrator, BIG-IP APM, Secure Web Gateway, and BIG-IP AFM. Access BIG-IQ uses RBAC to delegate operational tasks, minimize management errors, and reduce downtime. It also helps you easily manage a reliable, effective security posture across deployments, whether your applications are hosted on premises or in the cloud. With BIG-IQ, you can manage and monitor BIG-IP APM and Secure Web Gateway appliances via declarative REST API-driven workflows—making the process faster, more repeatable, and aligned to modern application development and deployment practices. The Visual Policy Editor helps you understand and control access security (e.g., VPN, SSO, federation) policies. Plus, you gain extensive reporting capabilities on your SSL VPN, virtual desktop infrastructure (VDI), users, web access application usage, and Secure Web Gateway activity. It also enables you to ensure policy compliance across your IT landscape.
BIG-IQ simplifies verification of existing firewall policies, auditing of policy changes, and tracking policy deployments to specific network and web application firewalls and enables you to centrally manage Advanced WAF services. It consolidates L3–4 DDoS profiles, DDoS device-level configurations, profile vector enhancements, and allowlists for controlling DDoS response. Security pros can also proactively evaluate and improve their security policies through BIG-IQ’s policy analyzer and gain visibility into differential security policies through the security dashboard.