F5 Networks Inc. looks to solve more security and scalability issues on IP networks with a major upgrade to its Big IP traffic management software and hardware, with the goal of improving overall application availability.
A key feature of Big IP 4.5, which was rolled out today, is its ability to look at and understand a broader array of packet types, including XML, SQL and SIP. This enables it to direct, report on and screen traffic from Web services, databases, mobile applications and other sources without modification to the core Big IP switching platform, said Erik Giesa, director of product management at F5..
“There is more than just HTTP traffic moving over the wire,” Giesa said.
A new Universal Inspection Engine reads and distinguishes packets in an IP header and payload. Then the iRules component in Version 4.5 directs the packets to the appropriate Web server, application server, database or firewall server based on parameters set by the user. In this way it can, for instance, maintain the session of a mobile client as it switches signals among different cell towers.
A new Dynamic Security Control Architecture centralizes the enforcement of application security by running all IP traffic through a centralized switch. Besides monitoring the types of traffic on a network, the switch can insert certificates.
Using certain configurations, the iRules feature could spot an attack on a Web site and automatically drop all packets coming from the attackers, F5 said.
The Seattle-based developer is backing up its traffic management software upgrades with a new ASIC in its F5 Big IP Application Switch that will enable packet inspection at line speeds despite the bulk of XML and other protocols, officials said.
The Big IP 4.5 software and switching hardware will be available this month.