F5 is making it possible to drastically reduce the complexity of configuring its Big-IP application delivery controllers when customers want to provide specific services to specific applications.

With the next version of F5's TMOS software, users attempting to configure a Big-IP ADC for Microsoft Exchange, for example, can do so by answering a maximum of 18 queries, far fewer than the roughly 1,200 settings that would have to be made under the current version of TMOS. The new version, TMOS v 11, is due out in September.

The same 1,200 settings still get made to properly configure the gear for Exchange, but users no longer have to do them by hand with the upcoming version.

iApp management

The company says this provides an application control plane for the services provided by Big-IP that it calls iApp. Rather than thinking about how to provide appropriate availability, security and optimisation services, customers focus on the application itself and the performance they need from it, F5 says.

"This turns the management of ADCs on its ear," says Mark Fabbi, an analyst with Gartner. "In the past you'd manage boxes with all the applications in mind. This is totally application-centric."

If a customer wants to alter a service an application receives, such as using SSL encryption for application traffic, it can be added via the iApp template for that application by altering its security setting.

With iApp, the same policies will be applied to an application regardless of whether it resides in a data centre, a partner's data centre or a virtual server in a cloud provider's network, Fabbi says.

TMOS version 11

With its initial release, TMOS v11 will provide templates for configuring 23 applications, with more templates to roll out as they become ready.

The company is also expanding its DevCentral community to encourage customers and independent developers to cooperate in creating and sharing templates for other applications. The company says it has 85,000 DevCentral contributors.

Along with iApps, TMOS v 11 includes application by application analytics that F5 didn't provide before because the software didn't abstract data pertaining to the settings for each application.

Fabbi says these new capabilities will make it less challenging for customers to find staff with the right expertise to configure the devices and to take advantage of all its features. F5 says it expects that more security staff and more application staff will become members of DevCentral, because they will be able to more readily access services that pertain directly to their areas of expertise.

Also new with TMOS v 11 is the ability to define clusters of F5 devices that can work together as a group, sharing load and reassigning hardware assets on the fly. So if services for one application on a Big-IP fail, they can be transferred to another Big-IP resource, either a hardware blade, an appliance or a virtual appliance within the cluster. Individual devices in a cluster can be spread around a network, located at different sites if necessary.

With the new architecture, called ScaleN, failover can occur application by application rather than device by device. Formerly, if services to one application failed, all the services on that entire machine had to failover to another machine.

Clusters can sync among themselves as settings change to consistently apply policies regardless of where applications exist. So if a certain IP range is to be blocked in response to an attack in one device, blocking that range on other devices within a cluster will be synched automatically.