F5 BIG-IQ Reviews

Currently for WAF, we are moving to another device, F5. We are not using Imperva.

F5 BIG-IQ is the Web Application Firewall we're currently using, but regarding the Imperva products, now we are floating a bid for our DAM, Database Activity Monitoring, not firewall.

We mainly use F5 BIG-IQ to protect our web-based applications, such as our email and website, so we use it as a web-based application firewall for those services.

We use it for all interfaces, including internet banking.

Currently we have two sites, and on those two sites, we have F5 WAF 448 devices, so we are managing it centrally through F5 BIG-IQ.

We are still doing the monitoring part with F5 BIG-IQ. For example, we have many VIPs and services, so we are creating many VIPs, but it remains a challenge.

The configuration part is not complex for F5 BIG-IQ, which is one thing we love, but regarding the visibility, especially on the attack set sectors, it remains our challenge. Maybe it's our deployment method, we don't know. We involve our vendors most of the time to support us, but it was difficult. Sometimes the log server goes down, so we have to configure it again. The visibility part and the dashboard have weak features. Currently, we are giving it one year, after which we plan to change it.

With F5 BIG-IQ, we are tuning the rules and security features with the vendors, but in some test cases from our audit team, it still fails to capture issues, so we have to add each configuration manually. It is not flexible in that aspect.

The configuration part is complex for F5 BIG-IQ. The simplicity and visibility part needs improvement.

The dashboard, especially the analytics part, needs to be more simple and presentable. For the security part, it is difficult to present to our management, so we have to capture it and prepare manual reporting options rather than getting them directly from the system.

The automation part in F5 BIG-IQ is limited; we are still using it only for load balancing for some services. We haven't integrated it with our Accesso or implemented any automation options.

The setup process for F5 BIG-IQ would rate a five out of ten.

We are still working with F5 BIG-IQ currently.

For stability, F5 BIG-IQ rates a two or three because currently we are integrating it with our third party as a port forwarding service. We created many VIPs, but on average, weekly, we lose three to five connections, making the troubleshooting part a headache for us. We have to delete the VIP and create another VIP to test it. It's not stable. Every time the vendor onboards and performs the self-status check, they suggest something, we implement that suggestion, but it continues to have many issues.

Neutral

F5 BIG-IQ performs better on the scalability part. Currently, we added the WAF module on the device and additional VIPs, so it would rate an eight out of ten.

Positive

From the technical support perspective, it rates a three out of ten.

It is challenging with F5 BIG-IQ. We open tickets and contact the vendor; they ask us to share the log files with them. We do that and wait another two days, constantly following up with them.

Currently, we were using a partner for F5 BIG-IQ, but now during the upgrade process, we plan to engage directly with the vendors because for every support issue and ticket opening, we go through our partner, which was another challenge.

Neutral

Previously, we were using F5 BIG-IQ for load balancing purposes, and after acquiring it, we moved to using F5 BIG-IQ for WAF purposes for more than a year.

F5 BIG-IQ needs improvements in the dashboard, especially the analytics part, which should be more simple and presentable. The security part is difficult to present to our management, requiring us to capture and prepare manual reporting options instead of getting them directly from the system.

The automation part in F5 BIG-IQ is limited; we are still using it only for load balancing for some services. We haven't integrated it with our Accesso or implemented any automation options.

The return on investment is satisfactory.

From the pricing perspective, F5 BIG-IQ rates an eight out of ten as it's reasonably priced.

Positive

We are still not sure which solution to convert to regarding process automation tools, but we plan to evaluate other products. We are still in the planning phase and haven't determined which vendors to compare with.

Currently, we were using a partner for F5 BIG-IQ, but now during the upgrade process, we plan to engage directly with the vendors because for every support issue and ticket opening, we go through our partner, which was another challenge. My overall rating for F5 BIG-IQ is four out of ten.

With F5, I am in touch with the local team. Whenever there is an opportunity or a new requirement for WAF for any file load balancers, I connect to the local team and work with them closely.

Most of the features I see, such as total balancing features and the application firewall, are components that I see in commercials and the banking industry. SSL uploading is another key component that I identify as a key feature in a file.

From the study material point of view, there are multiple certifications available. The challenge is there is hardly any study material available that can be referred to or used as a study material. 

Of course, from the knowledge perspective, multiple courses and details are available. However, from a hands-on experience perspective, more resources should be available on the Internet, like labs and lab preparations.

I have used the solution for more than 12 years.

It is a control management device. It is quite good in a large environment where I have multiple devices; it is easy to manage the devices.

The customer service is great.

The initial setup is straightforward. The link provided allows for an auto-configuration. I just have to click next, next, fill in the information, and it will proceed.

It depends on the market. In the Indian market, there is a competitor called Radware. They are very cheap. 

On a scale of one to ten, I would rate it eight. 

They still need to improve response time at the first level. A bug caused me to lose all the configuration. I see they have a substantial R&D team and they continually work on new technologies and features. 

Positive

F5 BIG-IQ is a central management system for the BIG-IP. You can manage and monitor a bunch of different BIG-IP devices from F5 BIG-IQ.

F5 BIG-IQ is a complex solution, and it cannot manage everything related to BIG-IPs. It's a little bit complex with respect to statistics gathering.

I have been using F5 BIG-IQ for two years.

Since it's a newer product, F5 BIG-IQ is not as stable as F5 BIG-IP.

I rate the solution a seven out of ten for stability.

At least ten customers are using F5 BIG-IQ.

I rate the solution’s customer support seven and a half out of ten.

Neutral

The solution's initial setup was moderate, where it was neither too easy nor too complex.

F5 BIG-IQ is a cheap solution.

A new user should consider what they want to use F5 BIG-IQ. The solution can be used for configuration management or monitoring. The solution can also be used for configuration management and monitoring together. So, users have to select their use cases before choosing F5 BIG-IQ.

When you have a lot of devices, you need to improve them. F5 BIG-IQ is a product for big companies with many F5 BIG-IP devices. You don't need the solution if you've got fewer devices, like 10 to 20 devices. F5 BIG-IQ has the ability to generate a lot of good statistics to troubleshoot latency issues with web applications.

Overall, I rate the solution seven and a half out of ten.

The solution can be used for configuring F5 BIG-IP vault management. You can use the solution for SQL policies or migration of policies from one F5 BIG-IP device to another.

F5 BIG-IQ reduces the propensity for error. For example, if you are manually copying policies and making errors, you can lower security rules where they're supposed to be tightened. With F5 BIG-IQ, you can just copy what you have mapped out in the past.

The solution's centralized management features have streamlined our operation because we have fewer consoles to log in to and fewer parameters to operate on. The solution gives us a single pane of glass to manage everything.

The solution's rSeries has been made free, and iSeries should be made free as well.

I have been using F5 BIG-IQ for two years.

F5 BIG-IQ is a stable solution.

F5 BIG-IQ is a scalable solution. Around six users are using the solution currently.

The solution’s technical support is good.

The solution’s initial setup is straightforward.

The solution’s deployment took around four hours.

Users have to pay an annual subscription fee for the solution's iSeries.

The solution is configured on a virtual appliance, and the appliances are then connected to the IP addresses of the F5 BIG-IP appliances in my network. From there, you can see the appliances and then log in to those appliances from F5 BIG-IQ.

We had a scenario where a bank in Nigeria wanted to migrate from the iSeries to the rSeries of F5 BIG-IP. We backed up the configuration on the iSeries and used F5 BIG-IQ to migrate from the iSeries to the rSeries. The solution's analytics and reporting feature is very effective in optimizing application performance.

I would recommend the solution to other users because you can't effectively use an F5 BIG-IP solution without an F5 BIG-IQ.

Overall, I rate the solution an eight out of ten.

F5 BIG-IQ has a lot of features, but it is not stable. We use it for logging, backup and monitoring applications. We are using version 6.0.2, and it is deployed on-premises as a virtual machine.

The backup, monitoring and logging are the best features.

The stability could be improved. Sometimes the solution does not work.

It is not stable.

It is a scalable solution, and more than 20 people use it in our organization.

We have used technical support, and I rate them an eight out of ten.

Positive

I wasn't involved in the setup, but it was easy.

They offered F5 BIG-IQ free of charge to us last year.

I rate the solution a seven out of ten. Regarding advice, it's a good product, but it is not stable. It is challenging because you have to focus on fixing the stability issues. Our application people check it, and if there are any issues, they inform us.

F5 BIG-IQ can be deployed on-premise and in the cloud.

We are using F5 BIG-IQ to see the statistics of the site devices.

F5 BIG-IQ should improve by being a complete certificate management solution because currently, it is only for Venafi. Other automation platforms, should be added.

F5 BIG-IQ only manages F5, it will not work in multi-vendor environments. For example, if you used RV, there is an additional cost of buying their controllers.

I have been using F5 BIG-IQ for approximately 10 years.

The stability of F5 BIG-IQ should improve. If you add a lot of operations running, such as telemetry, which can be enabled, the CPU utilization is on the high side. 

F5 BIG-IQ has always provided us with great support.

F5 BIG-IQ's initial setup was complex. The time it takes for the process depends, but typically it takes approximately eight hours.

We did the implementation in-house. We only require one person for maintenance for F5 BIG-IQ.

There is only one licensing fee for F5 BIG-IQ and everything is included in the price.

I rate F5 BIG-IQ a five out of ten.

We use the solution for managing devices.

The solution balances frequently.

The solution could improve their interface. Also, It should integrate with McAfee.

I have been using BIG-IQ for three or four years.

The solution is stable.

The solution is scalable. It has good use.

I’ve used Citrix before. F5 offers great pricing and features.

The initial setup is easy.

The product’s pricing is good.

The solution is stable and has a good balance.

Overall, I rate the solution a ten out of ten.

BIG-IQ is just a controller for the appliances of BIG-IP. That's our main use case.

It saves you a lot of work and time. With this solution, any person can manage all of the appliances at once.

The solution is very easy to manage.

It's great at saving time if you have a lot of appliances and you want to show a configuration of all of them at once. It's a great tool for managing your control of all of your BIG-IP appliances.

It's great for engineers or users that have a solid background in networking and protocols. If they know how everything works within the IT industry or deal with security it's easy for them to use.

The GUI is fine, at least from an engineer's perspective.

Overall, the solution is quite good, for how I use it.

The user interface could be a bit better.

The compatibility with the Hyper-V from Microsoft for cloud deployments could be improved.

You do need to have a good and solid background or foundation for networking and you need to understand how to configure F5 appliances in order to properly use it. It's not for a novice user.

I think they need to work with their automation within BIG-IQ or the BIG-IP. Almost everything has automation.

They could use YAML or JSON if they wanted to make it a little bit easier for us.

I only have a little bit of experience with the solution. I've been using it for about one year.

The stability is great. The solution is very reliable. It doesn't crash or freeze. There aren't glitches. 

The scalability is great. I love F5. If a company needs to expand it, they can do so relatively easily, especially if they are using a Viprion appliance.

There's only two to four of us on the solution that have admin rights. We may expand in the future

So far, we've been satisfied with technical support. They are quite responsive and knowledgable. We haven't had a problem with them at all.

I used to use Cisco. I really liked it. Now, I prefer F5. Both are excellent solutions. They're in the top tier for sure.

Each one of them has its own functionality. Cisco has switches, routers, et cetera, from its products. F5, is mainly known as a load balancer for applications, for data centers, et cetera. They're hard to compare as the kind-of move in different spaces, however, they're both great.

I've had some issues with the virtual deployment, or cloud deployment, for BIG-IQ. The compatibility with the Hyper-V from Microsoft is not very good.

When you are trying to implement a new VM, if you have already purchased BIG-IP from the website and you're trying to deploy it in the cloud (or you have a hypervisor), it's not so smooth to deal in terms of the interface. This is also true for Citrix servers. The only one that's worked perfectly for us was the VMware and virtual machine.

I don't really deal with pricing. That's more on the product manager. They handle product licensing. I don't have any idea how much the solution costs.

This solution is one of the finest in the industry.

New users considering the solution need to understand that they need to have a solid background in networking and a few security verticals in order to successfully work with the solution. Without that, they won't be able to do anything with it beyond a basic integration. If you want to move to more advanced functionality, then you have to do programming. If you were going to implement it into a company that has a lot of web servers, you need to be familiar with APIs, JSON, JavaScript, et cetera.

Overall, I'd rate it eight out of ten. It's pretty great, and I love working with it, however, no solution is a perfect ten out of ten.

We primarily use the solution for web security, so for WAF. We also use the product for balancing some servers, and also to handle the panel's SSL.

The best aspect of the solution is that we can have everything integrated with a rather large capacity in order to personalize and configure specific rules.

The solution could be easier to manage and to administer. It's a little difficult at the moment. We need some expertise to exploit all of the functionality. 

The solution should improve pricing. It's expensive in comparison to other American solutions.

We've been working with the solution for about five years now.

The solution is stable. It's very reliable and doesn't have bugs or glitches. It doesn't crash.

The solution is not scalable. However, all of the on-premise platforms have the same problem. We know the limits when we buy the devices. It's a normal issue for on-premise platforms.

Our organization has about 2,000 workers, however, services are circulated across the population. There might be about 70,000 people, more or less.

I've never dealt with F5's technical support as our support is handled by a partner. I wouldn't be able to speak to the quality of F5's service as I've never used it.

This is the first WAF solution we've used in this organization.

We're currently looking to change to a new platform. We're looking potentially at Fortinet or another version of F5. For us, right now, F5 is too expensive.

The solution is difficult in terms of integration. It's more based on design. There's a lot of technical architecture and it works for integrating on the new work, but not on the F5 configurations itself. Therefore, it's not exactly straightforward.

We didn't evaluate other solutions first. We studied this solution with our partner. The market was not very wide here. We chose the best partner on time. This partner commercialized this platform. At the time this solution was the market leader.

We're a customer. We don't have a business relationship with the company.

I believe we are using the latest version of the solution. The model we are using is 2000IP.

I'd warn other organizations that you'll need to have a technical administrator on your team in order to manage the solution correctly. For that reason, I'd rate the solution four out of ten.