on 08-May-2017 09:00
Today F5 posted the latest release of BIG-IQ. This release, v5.2.0 introduces some important new functionality. Let’s take a look at what’s new – and what you will need to know to upgrade to the new release.
Here are a few key points:
BIG-IQ DCDs (formally known as logging nodes) are required for collecting BIG-IP statistics for Dashboards and Reports. DCDs are free of charge – but you will need a zero-cost license key to install.
Users can preserve their logging node data when upgrading 5.x to 5.2. DCDs can be installed in clusters for increased availability. If you use a Logging Node cluster to store and manage your alerts and events you will need to take the cluster off line before upgrading. Be sure to do this during a maintenance window.
F5 now has a sizing guide that will help you determine the number of DCD’s you will require. See the link at the end to see the sizing guide.
The actual process is a bit more involved – here is a flow chart of upgrade steps.
Here is a helpful table for collecting the information you will need prior to upgrading.
Device |
Information Needed |
Information Recorded |
Primary BIG-IQ Centralized Management device |
|
|
Secondary BIG-IQ device |
|
|
Data Collection Devices |
|
|
Storage Machine |
|
|
Previous versions of BIG-IQ were organized, in part, by BIG-IP module. While this made it easy for someone interested in LTM management to click on the ADC tab, it leads to duplication of functionality and lot of extra clicks before users found what they were interested in.
5.2, however, reorganizes the product by function. It now has tabs including
In BIG-IQ 5.2 we have also increased scale, now supporting up to 400 LTM devices and 300 AFM devices based on BIG-IQ running on a 64Gbit VM. For other scale targets, contact your F5 sales representative.
You can now gain insight into your BIG-IP environment when enabling the statistics collection in BIG-IQ. Charts and data cover the following:
For each area listed above, you'll find numerous charts and data, such as CPU, memory, swap, disk, interface traffic, throughput, connection, HTTP, and a plethora of DNS statistics. Controls allow you to view data live or view historical data. You can create comparison charts comparing collected metrics across devices, virtual servers, and so on.
The statistics requires deployment of at least on BIG-IQ console node and at least one BIG-IP Data Collection Device (DCD – previously called logging nodes). F5 recommends deploying the BIG-IQ console node in a virtual machine with a minimum of 4 CPUs and 16GB of memory allocated and the BIG-IQ DCD nodes in a virtual machine with 8 CPUs and 32GB of memory.
Enchants certificate management allows you to track and alert on expiration of SSL certificates and upload keys and certificates to managed devices in your network.
Configure access policies using the Visual Policy Editor
For Access Policy Manager, you can now also use BIG-IQ to centrally manage your security policies. You can compare, edit, verify, stage, and audit policies, as well as deploying policies to multiple devices.
BIG-IQ 5.2 provides extensive reporting and dashboards for tracking your APM infrastructure, your applications and users. Access reports and SWG reports provide the following features.
BIG-IQ includes Access dashboards for:
ASM
You can use the new global search feature to perform a deep search across all managed devices for objects, users, tasks, profiles, and more. From the search window, you can then filter your results, see related resources, or find user activities. You can even create advanced queries and save your favorite searches.
You can evaluate and deploy partial configurations to all managed devices (except APM).
A new alert dashboard provides you a catalog of alerts raised by the BIG-IQ system.
Select API documentation for critical workflows can help you create your own automated solutions. Documentation for
You can discover, import, modify and then deploy back the DoS Device configuration to each managed BIG-IP device for which you have provisioned Advanced Firewall Management.
You can deploy, edit, and create logging profiles on virtual servers on managed devices.
Hopefully this gave you a taste for BIG-IQ. To learn more