F5 LBaaS provides customers the ability to design, plan and architect their Openstack deployments. Utilizing F5 iApps, customers have the ability to provision F5 leading Application Delivery Services via the console in Red Hat Enterprise Linux OpenStack Platform.
For additional information on the F5 plugin, or to download the LBaaS plugin please visit https://github.com/f5networks
Virtual Firewall (vFW)
BIG-IP® Advanced Firewall Manager® (AFM) VE is a virtual firewall that provides the widest range of security functionality and a multi-layered defense across every domain in your network. This VNF protects against sophisticated emerging threats that can cause network congestion, service degradation, and service outages. The vFW can be deployed across the data, signaling, and application planes. It can also be deployed as a Gi firewall, data center firewall, GTP, and SIP firewall.
Virtual CGNAT (vCGN)
Virtual carrier-grade NAT (CGNAT) is supported on BIG-IP AFM VE or it can serve as a standalone. It offers a broad set of tools that enable you to successfully migrate to IPv6 while continuing to support and interoperate with existing IPv4 devices and content. This VNF provides tunneling solutions with Dual-Stack Lite capabilities as well as native network address translation solutions, such as NAT44 and NAT64. Virtual Policy Charging Enforcement Function (vPCEF) BIG-IP® Policy Enforcement Manager™ (PEM) VE is a virtual policy charging enforcement function. It gives you the insight to understand subscriber behavior and manage traffic with a wide range of policy enforcement capabilities. This VNF also offers intelligent Layer 4–7 traffic steering, HTTP redirect, network intelligence, header enrichment, and dynamic control of network resources through subscriber-and context-aware solutions.
Virtual Policy Charging Enforcement Function (vPCEF)
BIG-IP® Policy Enforcement Manager™ (PEM) VE is a virtual policy charging enforcement function. It gives you the insight to understand subscriber behavior and manage traffic with a wide range of policy enforcement capabilities. This VNF also offers intelligent Layer 4–7 traffic steering, HTTP redirect, network intelligence, header enrichment, and dynamic control of network resources through subscriber-and context-aware solutions.
Virtual Content Insertion (vCI)
Virtual content insertion is supported on BIG-IP PEM VE. It enables you to insert content, such as targeted ads to subscribers based on their profile and location. Leveraging subscriber awareness functionality, you can add various content into the HTML header to provide more personalized, revenue-generating services.
Virtual URL Filtering (vURL Filtering)
Virtual URL filtering is supported on BIG-IP PEM VE. It enables you to classify traffic based on specific URL categories, which can be customized according to different regions. In addition, with vURL filtering, you can implement parental control services, which block traffic to specific websites based on certain URL categories or based on specific URLs you define.
Virtual TCP Optimization (vTCPO)
Virtual TCP Optimization is supported on all BIG-IP virtual editions. It provides an optimized TCP stack that can significantly improve subscriber Quality of Experience (QoE) by minimizing the effects of congestion and packet loss for 3G/4G networks. This VNF focuses on optimizing the TCP protocol, which accounts for the vast majority of Internet traffic including optimizing encrypted connections. It also improves QoE by optimizing the TCP stack to provide high goodput, minimizing bufferbloat, and allowing fairness between flows. vTCPO can deliver up to twice the performance for subscribers and four times the bandwidth efficiency.
Virtual Application Delivery Controller (vADC)
BIG-IP® Local Traffic Manager™ (LTM) VE is a virtual Application Delivery Controller. It enables you to deliver network services in a reliable, secure, and optimized way. This VNF provides Layer 4–7 load-balancing and Layer 7 traffic management—allowing you to optimize and offload other network resources, including value-added services (VAS) platforms and other VNFs in your network.
Virtual SIP Routing and Load Balancing (vSRLB)
Virtual SIP routing and load balancing is supported on all BIG-IP virtual editions. It offers a full L4-L7 SIP-aware load-balancing solution providing the scalability and flexibility to deploy SIP solutions within IMS environments for LTE services. This gives you the ability to integrate new voice and multimedia services with greater ease and confidence. It also provides high availability for your SIP infrastructure and application servers by continuously monitoring and managing SIP sessions between the different servers.
Virtual DNS (vDNS)
BIG-IP® DNS VE is a virtual DNS. It secures your DNS infrastructure through high-performance DNS services, scales DNS responses to survive volume increases and distributed denial-ofservice (DDoS) attacks, and ensures high availability of your global applications and services. This VNF also provides DNS scalability and delivery offload to your LDNS infrastructure. By delivering faster response times for content being accessed by fixed and mobile devices, vDNS offers higher subscriber QoE.
Virtual Web Application Firewall (vWAF)
BIG-IP® Application Security Manager™ (ASM) VE is a virtual web application firewall that secures web applications in traditional, virtual, and private cloud environments. It provides unmatched protection that helps secure applications against layer 7 threats including DDoS, SQL injection, OWASP Top Ten, brute force, and zero-day web application attacks. The vWAF also mitigates DOS-heavy URL attacks, prevents execution of fraudulent transactions, and stops in-browser session hijacking. With this VNF, you can achieve industry security standards compliance with key regulatory mandates.
Virtual Secure Web Gateway (vSWG)
BIG-IP® Access Policy Manager® (APM) VE is a virtual secure web gateway. This flexible, high-performance access and security solution provides unified global access to applications and your network. It uses powerful analytics combined with a collection of sophisticated signature and heuristic detection engines. These can identify and eradicate general and specialized threats and block malware or malicious scripts within web pages by scanning return HTTP/HTTPS traffic. The vSWG also uses content-based and contextual data gathered from web pages. This data detects patterns that indicate the presence of advanced persistent threats (APTs) and other complex attacks that may evade other systems.
Key Features and Benefits
Simplified deployment of Application Delivery services via the Openstack LBaaS connector
Enterprise ready and certified with Red Hat's leading Openstack distribution
Support for both BIG-IP VE as well as hardware appliances
Red Hat Certifications
This product has been certified to run on the following Red Hat products and technologies:
|Red Hat OpenStack Platform 10.0
Base: Red Hat Enterprise Linux (x86_64) 7.4-7.x
|Red Hat OpenStack Platform 7.x||Certified|
|Red Hat OpenStack Platform 8.x
Base: Red Hat Enterprise Linux 7.2-7.x
|Red Hat OpenStack Platform 9.0
Base: Red Hat Enterprise Linux (x86_64) 7.2-7.x
|Red Hat OpenStack Platform 7.0
Base: Red Hat Enterprise Linux (x86_64) 7.0-7.x
Red Hat will provide support for Red Hat OpenStack Platform pursuant to the terms in the subscription agreement. Any support for the VNF functionality will need to be provided by the VNF Partner pursuant to their terms.
F5 provides full support for our LBaaS driver and agent on the via phone or via github. Customers may also use the F5 Slack channel to get immediate support for deployment issues with the LBaaS plugin