1. Leveraging F5 for Application Delivery Shane Coleman Field Systems Engineer, Wisconsin & Northern Illinois s.coleman@f5.com

3. Industry’s only open iControl API & SDK

4. Powerful iRules and DevCentral Community

6. FY08 Revenue: $650 M

7. #1 in Advanced Platform ADC Market – Gartner

9. Application partner tested and documented solutions

10. F5 solutions in partner labs

13. Cisco: 22.5%

15. Cisco: $53 Million

17. Cisco: -14.5%

19. Q/Q Revenue Growth: -1.4%*Application Delivery Controller (ADC) Segment Includes: Server Load Balancing/Layers 4-7 Switching and Advanced (Integrated) Platforms Citrix 12.5% Radware 8.8% Cisco 22.5% Others 18.2% F5 NETWORKS 38.1% SOURCE: Gartner

21. Citrix: 17.8%

23. Citrix: $29.4 Million

25. Citrix: 9.5%

27. Q/Q Revenue Growth: -2%*Advanced Platform Segment Includes: ADCs that integrate several functions (typically more than four) on a single platform (for example, load balancing, TCP, connection management, SSL offload, compression and caching) Radware 10.3% Others 17.5% Citrix 17.8% F5 NETWORKS 54.4% SOURCE: Gartner

28. Wisconsin Clientele

29. Organizations Worldwide Trust F5 to Keep Their Businesses RunningIncluding 9 out of 10 of the world’s top financial services firms and 60% of the Global 1000 Financial Media Other IT Transport Telco/ISP

30. Hardware Platforms BIG-IP VIPRION BIG-IP 8900 40 GbpsTraffic 32 M ccps 200,000 TPS 16 GB Max Compression Multiple Product Modules 2 x Quad core CPU 16 10/100/1000 + 8x 1GB SFP 2x 320 GB HD (S/W RAID) + 8GB CF 16 GB memory SSL @ 58K TPS / 9.6Gb bulk 8 Gbps max hardware compression 12 Gbps Traffic Multiple Product Modules BIG-IP 6900 BIG-IP 3900 2 x Dual core CPU 16 10/100/1000 + 8x 1GB SFP 2x 320 GB HD (S/W RAID) + 8GB CF 8 GB memory SSL @ 25K TPS / 4 Gb bulk 5 Gbps max hardware compression 6 Gbps Traffic Multiple Product Modules BIG-IP 3600 2.4 GB encryption 3.8 Gbps software compression Dual Power option Quad Core CPU 8 GB memory 4 Gbps Traffic Multiple Product Modules BIG-IP 1600 Dual core CPU 8 10/100/1000 + 2x 1GB SFP 1x 160 GB HD + 8GB CF 4 GB memory SSL @ 10K TPS / 2 Gb bulk 1 Gbps max software compression 2 Gbps Traffic 1 Advanced Product Module Dual core CPU 4 10/100/1000 + 2x 1GB SFP 1x 160GB HD 4 GB memorySSL @ 5K TPS / 1 Gb Bulk 1 Gbps max software compression 1 Gbps Traffic 1 Basic Product Module

31. Delivering Applications is Complex Availability Efficiency Growth End-user Experience Security Application Architect

32. Traditional Methods of Resolution Multiple Point Solutions Application More Bandwidth Application Developer Network Administrator Add more infrastructure? Hire an army of developers?

33. F5 BIG-IP TechnologyTurn your infrastructure into an agile application delivery network BIG-IP Users Applications Optimizeyour Applications, Network and Client Connections Secureyour Applications Customizethe delivery of your Applications ensure Scalable, Adaptable, Highly Available Applications provideManageability to administrators

34. Optimizations F5’s Traffic Management Operating System Leveraging Clustered Multiprocessing iSessions Optimizing at the Client Benefit to: Client Network Server

35. TMOS ArchitectureA unified system for application delivery Applications Users Full Proxy Server Side Client Side App Security WAN Accel 3rd Party Microkernel Rate Shaping TCP Express SSL Caching XML Compression OneConnect TCP Express iRules High Performance Hardware iControl

36. Clustered Multi-Processing Benefits of Asymmetric Processing Symmetric Processing No Overhead of CPU Context Switching Load Balances processes across ALL Cores

37. WAN Application Delivery ServicesSecure and optimize site-to-site BIG-IP BIG-IP WAN Firewall Firewall iSessions Symmetric Adaptive Compression SSL Encryption Complete L7 QoS TCP Express 2.0 Servers Servers iSessions secure, optimized connection between two BIG-IPs

38. Improve Connections Starting from Client EDGE Client Smart reconnect feature survives endpoint IP address change (such as AP hop) detects domain changes for automatic VPN tunnel setup/teardown Adaptive compression effort level automatically dials up/down with server/CPU load) Datagram TLS optimizes traffic especially on lossy WAN connections and real time traffic Client side traffic shaping prioritizes sensitive applications (such as VOIP traffic )

40. Dynamic Caching

41. Content Spooling

42. OneConnect

43. Rate Shaping

45. Multi-Connect

46. Dynamic Linearization

47. Dynamic Caching

48. Dynamic Compression

50. Dynamic Caching

51. TCP Express

52. Differential Compression

54. Secure the Applications & Data Industry Recognized ICSA Certified SC Magazine’s 2009 Best Web Application Security Solution Simplified Administration Rapid Deployment Policies Automatic policy builder with templates Flexible Architecture Bridge or Routed Blocking or Passive Modes Strong Security Protocol Anomaly Detection (DoS, Brute Force) Full XML schema validation Data Guard & Cloaking Protocol Security for FTP, HTTP and SMTP Forceful Browsing & Logical Flaw Mitigation OWASP top 10 and “0 Day” Protections

55. Secure the Applications and Data Network and Protocol Attack Prevention Resource Cloaking and Content Security Positive & Negative Security Models Selective Encryption Security at Application, Protocol and Network Level Meet compliance requirements (PCI, HPPIA, etc.) Strong protection without interrupting legitimate traffic “BIG-IP enabled us to improve security instead of having to invest time and money to develop a new more secure application” Application Manger Global 5000 Media and Entertainment Company TechValidate 0C0-126-2FB

56. Adaptive Application SecurityUnique Attack Detection, L7 DoS and Brute Force Protection Remediate unwanted clients while servicing desired clients Improved application availability Focus on higher value productivity while automatic controls intervene

57. Provide Trust-Based Access User Trust: LDAP Windows Domain Active Directory Radius Single Sign On Two-Factor Auth Client Side Certificates The EDGE is Fluid! Resources / Applications Access Policy Manager (APM) Corporate Network Internet Access and Control Network Access Web Application Access Role Based Access Control L4, L7 ACLs Integration with 3rd Party IAM vendors Device Trust: Antivirus Personal Firewall Files and Registry Settings OS & Browser Patches Trusted IP REMEDIATION – When End Point Scan Fails Manageability BIG-IP GUI, tmsh, iRules, iControl Visual Policy Editor – Easy to Build & Maintain end point security access policies Role Based Admin – admin access based on organizational role End User Experience WAN Optimization and Web Acceleration Standalone Client Web based Client

58. Customization of Application Delivery iRules iControl

59. Customize your Delivery with iRules Programming language integrated into TMOS TMOS (Traffic Management Operating System) Based on industry standard TCL language TCL (Tool Command Language) Inbound or outbound traffic can be: intercepted inspected transformed directed tracked 0101010101010101010101010101010101010101010101010101010101010101

61. Multimedia

62. iRules and iControlsamples

63. Forums

64. Tutorials

65. Toolshttp://devcentral.f5.com

67. DLL in Visual StudioWeb Client Web Client Web Server Virtualization BIG-IP iContol Web Server Web Server Web Server Application Server Virtualization BIG-IP iContol App. Server App. Server App. Server Storage Virtualization Storage Storage Storage

68. Available, Scalable & Adaptable Applications Load Balancing Hardware Resilience Stateful, High Availability Blade-based capabilities Adaptability with Dynamic Infrastructure Concepts

69. It Starts with Load BalancingEnsure availability and plan for growth 8 Dynamic LB Methods Application Health Monitoring High Performance Hardware Session Persistence TransactionAssurance LTM load balances at the application level Ensures the best resources are always selected Has deep visibility into application health Proactively inspects and responds to errors Eliminate downtime and scale the application

70. Intelligent Monitoring: Monitor real traffic instead of probing In-Band Monitors Monitor is based on live traffic connections Detects true state of application without active monitor overhead Alleviates active monitors constantly sending traffic to the servers; catches downed nodes in between the active monitor probe internals Marks node down after pool member does not respond to a connection within a certain amount of time Can automatically attempt to send a connection to a downed node Can only force the active monitor to be used for probing if the passive monitor detected the node as down 01010101010101010101010101010101010101010101010101010101010101010

71. Offering Resiliency & High Availability Hardware designed specifically for Application Delivery Industry’s best performance – up to 40 Gbps throughput Hot-Swappable Components Flexible deployment options – FIPS, NEBS, DC power Always-on Management All Hardware supports intelligent High Availability Stateful Failover for session-based applications

72. Dynamic Infrastructures using VMWARE / F5 Matching Network Automation with Computer Resource Automation Demand ↑ ↑ ↑ Web Clients Web Clients Monitoring & Management Frontends Virtualization Detection BIG-IP LTM iControl Automation VM Provision Frontend Frontend Frontend vCenter + AppSpeed F5 Provision AppServers Virtualization BIG-IP LTM iControl Demand ↓ ↓ ↓ Detection App. Server App. Server App. Server Storage Virtualization Automation F5 Deprovision VM Deprovision

73. Global (Site) Adaptability Data Center Asia Data Center North America ISP-2 ISP-1 Firewalls BIG-IP Firewalls BIG-IP Internet Data Center Europe Firewalls BIG-IP Leverage Global DNS capabilities within BigIP

74. Manageability GUI Application Templates Software Installation Resource Provisioning Virtualized Management Routing Domains Certificate Management Centralized Management Capabilities

75. Simplified ManagementXMUI GUI scales and provides user friendly, intuitive console

76. Simplified ManagementDashboard

77. Simple Application Roll-outsCustomizable Application Templates 1

78. Simple Application Roll-outsApplication Templates 2

79. Templates Engineered With CollaborationEnsuring best-practice deployments F5 Solution Center Successful Deployments

80. Management – Software and Image Control Create Volumes for Boot Partitions

81. Staging & Confirming the Installation

82. Installation progress Once the install has completed, simply click on any link in the GUI to navigate away from the page

85. Management Virtualization Driving forces: Regulatory, Best Practice Benefits: Compliance, Reduce Configuration Errors F5 Management Virtualization Partition Virtualized Servers, Resources and Monitors Limit Roles within the Partitions

86. Routing Domains DomainA 10.10.10.0 10.10.20.0 DomainB 10.10.30.0 10.10.40.0 DomainC 10.10.50.0 10.10.60.0 Isolated Routing Domains Independent Default Gateway’s and Routing Tables Overlapping IP Address Networks Supported

87. Certificate Management Easily import existing certificates Create new certificates Leverage wildcards to minimize certificate costs Notification of upcoming certificate expiration

89. Capacity planning as well as trending and historical analysis

90. Opportunities to effectively plan with Business Units

91. Central Policy Management & DeploiymentIT Staff IT Staff IT Staff IT Staff Web Web SharePoint Exchange Web SharePoint Exchange Accounting Real-time Monitors ADC ADC ADC ADC ADC ADC ADC ADC