DATA SHEET

BIG-IP Local
Traffic Manager

WHAT'S INSIDE Application Delivery with Scale, Automation,

2 Application Intelligence and Customization
3 Automation and Container

Applications drive innovation and profitability, allowing your business to leverage cloud
Ingress
computing, mobility, and software-defined networking (SDN). Your organization from AppDev
4 Programmable Infrastructure and DevOps teams to Infrastructure and IT Ops depends on your app services and network
infrastructure running at peak performance with app-centric security to meet the challenges
6 Scalable Infrastructure
of today—and tomorrow.
6 Attack Mitigation
F5® BIG-IP® Local Traffic Manager™ (LTM) delivers your applications to users in a reliable,
7 BIG-IP Platforms
secure, and optimized way. You get the extensibility and flexibility of application services with
8 Simplified Licensing the programmability you need to manage your cloud, virtual, and physical infrastructure. With
BIG-IP LTM, you have the power to scale, automate, and customize application services faster
9 F5 Global Services
and more predictably.
9 DevCentral

9 BIG-IP LTM Features

KEY BENEFITS
10 More Information
Scale applications rapidly and reliably Migrate to virtual and cloud environments
Optimize for today’s web applications with HTTP/2 Realize operational consistency and comply
to ensure that your customers and users have with business needs across physical, virtual, and
access to the applications they need—whenever cloud environments with deployment flexibility
they need them. and scalability.

Automate and customize with programmable Simplify deployment and management of apps
infrastructure User-defined F5 iApps® and FAST templates
Control your applications—from connection and make it easy to deploy, manage, and gain
traffic to configuration and management—with complete visibility into your applications.
F5® iRules® LX for network programmability,
with Node.js language support in BIG-IP. Use Secure your critical applications
the F5 Automation Toolchain for a declarative Protect the apps that run your business with
approach to efficiently provision, configure, and industry-leading SSL performance and visibility.
manage appliances.
RELEVANT RESOURCES A P P L I C AT I O N I N T E L L I G E N C E
Load Balancing Your Applications
Application Traffic Management
SSL Visibility, Control, and BIG-IP LTM includes static and dynamic load balancing to eliminate single points of
Performance failure. Application proxies give you protocol awareness to control traffic for your most
important applications. BIG-IP LTM also tracks the dynamic performance levels of servers
Deploy Consistent Policies
across Any Cloud in a group, ensuring that your applications are not just always on, but also are easier to
scale and manage.
Troubleshoot App
Performance Issues
Secure Application Delivery
BIG-IP LTM delivers industry-leading SSL performance and visibility for inbound and
outbound traffic, so you can cost-effectively protect your entire user experience by
encrypting everything from the client to the server. It also defends against potentially
crippling DDoS attacks and provides ICAP services for integration with data loss protection
and virus protection.

Application Delivery Optimization

BIG-IP LTM scales dramatically, improving page load times and the user experience
with HTTP/2, intelligent caching, extensive connection optimization and management,
compression, RAMCache performance, F5 TCP Express™, and F5 OneConnect™. It also
makes real-time protocol and traffic-management decisions based on application and server
conditions, enables rules customization and programmability, and TCP and content offloading.

Application Visibility and Monitoring

Monitor exactly how your application is performing for real users based on application
response times, network conditions, and user context. F5 Analytics captures application-
specific statistics, such as URL, throughput, and server latency, reported at different levels
of the service. BIG-IP LTM makes it simple to integrate with your existing tools using industry
standards such as sFlow, SNMP, and syslog.

IoT Protocol Visibility

BIG-IP LTM enables support of IoT clients, publishing useful information to the MQTT Brokers
(servers) through the MQTT protocol. The MQTT Brokers then send information to all the
subscribers of this information and MQTT support allows BIG-IP LTM to leverage MQTT traffic
load balancing for customers’ IoT clients.

BIG-IP Local Traffic Manager 2

Figure 1: F5 Analytics provides real-
time, application-level statistics.

A U T O M AT I O N A N D C O N TA I N E R I N G R E S S

RELEVANT RESOURCE F5 Automation Toolchain allows network and application services such as traffic management
and application security to be managed programmatically, through simple, declarative APIs
Integrate into Container
Environments versus traditional manual imperative configurations.

At the core of the F5 Automation Toolchain is the Application Services 3 Extension (AS3)
which enables administrators and developers to automate layer 4–7 application services.
AS3 also provides a sustainable foundation to enable F5’s Infrastructure as Code (IaC)
strategy and future integration with third-party orchestration, SDN, and NFV solutions.

F5 Declarative Onboarding enables initial provisioning of F5 solutions, as well as

configuration of layer 2–3 objects such as route domains, routes, self IPs, and VLANs.
The Declarative Onboarding Extension, like the Application Services 3 Extension, accepts
a JSON declaration that defines the desired onboarding end-state via a single REST API.

The F5 Telemetry Streaming Extension is an iControl LX extension that aggregates,

normalizes, and forwards statistics and events to consumer applications such as Splunk,
Azure Log Analytics, AWS CloudWatch, AWS S3, Graphite, and more. This tool uses
a declarative model, meaning you provide a JSON declaration rather than a set of
imperative commands.

The F5 API Services Gateway is a TMOS-independent Docker container which runs F5’s
iControl LX framework and provides a lightweight, fast, portable, TMOS-independent
vehicle for customers to leverage iControl LX.

BIG-IP Local Traffic Manager 3

The F5 Automation Toolchain delivers a process-driven approach to automation. Use the
components of the Automation Toolchain to efficiently provision, configure, and manage the
services that support your apps. The Automation Toolchain is available, free of charge, on
GitHub and Docker Hub.

F5 ecosystem integrations with Ansible, Terraform, Puppet, Chef, and Cisco ACI help you
simplify orchestration and configuration management across public and private clouds and
on-premises, delivering software-defined networking with policy-driven automation and
increasing the speed of app deployment through automated provisioning.

F5 Container Ingress Services (CIS) makes it easy to deliver advanced application services
to your container deployments, enabling Ingress control HTTP routing, load balancing, and
application delivery performance as well as robust security services.

Container Ingress Services easily integrates BIG-IP solutions with native container
environments, such as Kubernetes, and PaaS container orchestration and management
systems, such as RedHat OpenShift.

PROGRAMMABLE INFRASTRUCTURE

Local Traffic Policies

BIG-IP® local traffic policies are a structured, data-driven collection of rules created by
populating tables in a web UI. The policy tables are filled using readable English; no
programming skills are required. These policies allow you to inspect, analyze, modify, route,
re-direct, discard, or manipulate traffic, and solve common use cases previously covered
by simple iRules. For example, you might create a policy that determines whether a client
is using a mobile device, and then redirect requests from mobile devices to the applicable
mobile web site URL.

iRules
The F5 iRules® scripting language—F5’s traffic scripting interface—enables programmatic
analysis, manipulation, and detection of all aspects of the traffic in your networks. Customers
routinely implement security mitigation rules, support new protocols, and fix application-
related errors in real time. With robust and flexible iRules, you can easily and rapidly develop
solutions that you can confidently deploy across multiple applications.

iRules LX
iRules LX is the next stage of evolution for network programmability that brings Node.js
language support to the BIG-IP platform. Node.js allows JavaScript developers access to over
250,000 npm packages that make code easier to write and maintain. Development teams
can access and work on code with the new iRules LX Workspace environment and the new
plug-in available for the Eclipse IDE, which can be used for continuous integration builds.

BIG-IP Local Traffic Manager 4

 iApps and FAST
F5 iApps and FAST templates are powerful tools that enable you to deploy, manage,
and analyze enterprise application services as a whole rather than individually managing
configuration and objects. iApps and FAST give you greater visibility into and control over
application delivery—and help you deploy in hours rather than weeks. This application-
centric approach aligns the network with your applications and adapts application delivery
to business needs.

Figure 2: iApps Templates simplify

application deployments.

iControl
RELEVANT RESOURCES The F5 iControl® APIs and SDK allow automation and integration of custom applications into
all aspects of BIG-IP LTM and other BIG-IP modules. iControl is delivered as both REST and
Optimize ADC Performance
SOAP APIs to fit the model best suited for your organization. With iControl, every aspect of
Consistent App Services in BIG-IP LTM configuration, including most aspects of all BIG-IP modules—from device and
Any Cloud
application provisioning to application tuning and health and support initiation—can be
programmatically automated to achieve dynamic infrastructures.

iCall
F5 iCall® is a powerful scripting framework, based on TMSH (the F5 TMOS® Shell command-
line interface) and Tcl, that helps customers maintain their environment and reduce downtime
by automating tasks. It monitors for events and executes scripts to resolve issues quickly and
predictably. iCall enables administrators to react to specified events by executing services
on the management plane, such as generating a TCP stack dump on a failure, executing a
specific iApp to reconfigure application network service settings, or adjusting load balancing
weights on application services based on a change in health monitoring data.

BIG-IP Local Traffic Manager 5

SCALABLE INFRASTRUCTURE

Cloud-Ready
BIG-IP LTM makes it easy to realize operational consistency and comply with business
needs across physical, virtual, and cloud environments, removing the friction of migrating
applications between traditional physical and cloud architectures. Available in public clouds
and for migration across multi-cloud. Learn more in the BIG-IP Virtual Edition data sheet.

ScaleN
F5 ScaleN® technology uses the F5 VIPRION® chassis, Device Service Clusters, and the
scaling capabilities of F5 Virtual Clustered Multiprocessing™ (vCMP) to enable more efficient,
elastic, and multi-tenant solutions for data centers, clouds, and hybrid deployments. ScaleN
moves beyond traditional infrastructure limitations and offers multiple scalability and
consolidation models to help you meet your specific business needs.

Virtual Networking
The BIG-IP® SDN Services module natively supports VXLAN and NVGRE to offer gateway
capabilities with BIG-IP LTM bridging virtual and traditional networks. This lets you keep
things simple, applying application delivery network services across both virtual and
traditional networks.

Advanced Routing
The BIG-IP® Advanced Routing™ Module allows BIG-IP LTM to provide network routing
capabilities such as BGP, RIP, OSPF, ISIS, and BFD for enhanced interoperability within
the network, increasing the resilience and capacity of your network.

AT TA C K M I T I G AT I O N

Deploy F5 Distributed Cloud Bot Defense directly from your BIG-IP

Bots cause significant financial pain through scraping that slows performance, scalping
and inventory hoarding that frustrate loyal customers, enumerating gift card codes to steal
balances, creating fake accounts to commit fraud, and credential stuffing—the testing of
stolen credentials—that leads to account takeovers.

Today’s advanced, persistent bots are more sophisticated than ever. To stay ahead of
attackers, F5 Distributed Cloud Bot Defense uses rich client-side signal collection, industry-
leading code obfuscation, aggregate telemetry collection, and AI for unparalleled long-term
efficacy and near-zero false positives while maintaining access for good bots. And because
F5 defends the most targeted sites on the web—including those of the world’s largest banks,
retailers, and airlines, F5 is ready when these attacks target your organization.

Deploy F5 Distributed Cloud Bot Defense directly from your BIG-IP or through a connector
that’s right for your application, with support services tailored to your needs, from self-service
to managed service.

BIG-IP Local Traffic Manager 6

B I G - I P P L AT F O R M S

Only F5’s next-generation, cloud-ready ADC platform provides DevOps-like agility with the
scale, depth of security, and investment protection needed for both established and emerging
apps. The BIG-IP® iSeries appliances deliver quick and easy programmability, ecosystem-
friendly orchestration, and record-breaking, software-defined hardware performance. As
a result, customers can accelerate private clouds and secure critical data at scale while
lowering TCO and future-proofing their application infrastructures. F5 solutions can be
rapidly deployed via integrations with open source configuration management tools and
orchestration systems.

In addition to the iSeries, F5 offers VIPRION modular chassis and blade systems designed
specifically for performance and for true, on-demand, linear scalability without business
disruption. VIPRION systems leverage F5’s ScaleN clustering technology so you can add
blades without reconfiguring or rebooting.

The F5 VELOS® platform is the next generation of F5’s industry-leading chassis-based

systems, which delivers unprecedented performance and scalability in a single Application
Delivery Controller (ADC). You can seamlessly scale capacity by adding modular blades in a
chassis, without disruption, and VELOS allows a mix of traditional BIG-IP tenants as well as
next-generation BIG-IP tenants in the future.

The next-generation ADC solution, F5 rSeries, bridges the gap between traditional and
modern infrastructures with a rearchitected, API-first platform designed to meet the needs
of your traditional and emerging applications. The new F5 rSeries delivers unprecedented
levels of performance, a fully automatable architecture, and the highest reliability, security and
access control for your critical applications.

Virtual Editions (VEs) of BIG-IP software run on commodity servers and support the range of
hypervisors and performance requirements. VEs provide agility, mobility, and fast deployment
of app services in software-defined data centers and cloud environments.

See the BIG-IP System Hardware, VIPRION, VELOS, and Virtual Edition data sheets for
more details. For information about specific module support for each platform, see the latest
release notes on AskF5. For the full list of supported hypervisors, refer to the VE Supported
Hypervisors Matrix.

BIG-IP Local Traffic Manager 7

 With BIG-IQ® Centralized Management, you can manage F5 platforms with a single-pane-of-
glass view, including:

• BIG-IP iSeries Appliances

• rSeries Appliances

• BIG-IP Virtual Editions

• VIPRION Chassis

• VELOS Chassis

Figure 3: Manage your BIG-IP

appliance health and track CPU and
memory usage of physical and virtual
platforms, hardware blades, and
cores with BIG-IQ. Use logging and
reporting to understand overall trends
and spot areas needing correction.
Easily manage policies, certificates,
and licensing management to push
out to all BIG-IP ADCs for centralized
control of app services infrastructure.

FLEXIBLE LICENSING TO MEET YOUR NEEDS

To align with differing purchasing directives, BIG-IP Next may also be licensed via an
assortment of consumption models. Choose the licensing model that best suits your needs,
including subscription, perpetual, or the utility program:

• Subscription—Renewable one- to three-year subscriptions afford initial upfront savings

and include access to F5 premium support.

• Perpetual—A one-time CapEx investment provides complete solution ownership.

• Utility—Pay-as-you-go model includes access to F5 premium support without the need

for a long-term commitment.

BIG-IP Local Traffic Manager 8

F5 GLOBAL SERVICES

F5 Global Services offers world-class support, training, and consulting to help you get the
most from your F5 investment. Whether it’s providing fast answers to questions, training
internal teams, or handling entire implementations from design to deployment, F5 Global
Services can help ensure your applications are always secure, fast, and reliable. For more
information about F5 Global Services, contact [email protected] or visit f5.com/support.

DEVCENTRAL

The F5 DevCentral® technical community is an active and engaged source for the best
technical, how-to articles, discussion forums, shared code, media, and more related to
programmability and Application Delivery Networking.

B I G - I P LT M F E AT U R E S

Application Traffic Management Application Visibility and Monitoring

• Intelligent load balancing • F5 Analytics
• Application protocol support • Performance dashboard
(HTTP/2, SSL/TLS, SIP, etc.)
• High-speed logging
• Application health monitoring
• sFlow
• Application connection state management
Programmable Infrastructure
• F5 OneConnect
• iRules and iRules LX for data plane
• Advanced routing
programmability
(BGP, RIP, OSPF, ISIS, BFD)
• iCall for event-based control-plane scripting
• SDN services (VXLAN, NVGRE)
• iApps for app-level config management and
deployment
Application Delivery Optimization
• iControl for Management API (SOAP, REST)
• Symmetric adaptive compression
• RAM cache and compression
Automation and Container Ingress
• TCP Express
• Automation Toolchain for declarative apps
• HTTP/2 gateway
services configurations

Secure Application Delivery • Application Services 3 Extension (AS3)

automates Layer 4-7 services
• SSL connection and session mirroring
• Hybrid crypto services • Declarative Onboarding for initial provisioning
(Hardware SSL offload for BIG-IP VE) and configurations

• SSL/TLS encryption offload • Telemetry Streaming for data stream export to

(hardware accelerated) 3rd party analytics
• Algorithm agility
• FAST templates for declarative app services
(GCM, ECC, Camellia, DSA, RSA)
configurations
• Suite B support including forward secrecy
• Container Ingress Services for automation of
• Internal/Network/Cloud HSM (FIPS 140-2)
container app services
• SSL visibility

BIG-IP Local Traffic Manager 9

 Ecosystem Integrations ScaleN
• Ansible templates for app services automation • On-demand scaling

• Terraform modules for deployment automation • All-active application clustering

• Cisco ACI and F5 BIG-IP for integrated network

fabric and control

• Puppet for automation of configurations and

app services

• Chef for configuration management integrations

• F5 Distributed Cloud Bot Defense for attack

mitigation

M O R E I N F O R M AT I O N

To learn more about BIG-IP LTM, visit f5.com to find these and other resources.

Web
BIG-IP Local Traffic Manager
DevCentral

Data sheets
BIG-IP System Hardware
BIG-IP Virtual Editions
rSeries
VELOS
VIPRION

Articles and guides

State of Application Strategy 2021: Unpacking the Current and Future State of Application Security
and Delivery
3 Tips for Maintaining a High-Performing App Portfolio
Choose advanced cloud solutions that will scale into the future
Load Balancing Your Applications

Case studies
Varolii: SaaS Provider Ensures High Uptime and Resiliency for Critical Customer Apps with F5
Motorists Insurance Group Gives Customers A Seamless Experience With F5 + Okta Solution
Pandora Scales to Serve Tens of Millions of Internet Radio Users with F5 Solution
MarketAxess Increases Productivity with F5 and Ansible Automation

Use cases
Deploy Consistent Policies across Any Cloud
Integrate into Container Environments
Troubleshoot App Performance Issues
Integrate into CI/CD Pipelines

©2022 F5 Networks, Inc. All rights reserved. F5, F5 Networks, and the F5 logo are trademarks of F5 Networks, Inc. in the U.S. and in certain other countries. Other F5 trademarks are identified at f5.com.
Any other products, services, or company names referenced herein may be trademarks of their respective owners with no endorsement or affiliation, expressed or implied, claimed by F5.
DC0522 | DS-CORE-884849505