F5 VELOS CX410
Powerful next generation chassis system
- Two (default) SX410 System Controller
- 1x 10GBase-T, 1x USB 3.0, 1x serial console
- 960GB NVMe SSD
- 8-Core Intel SoC
- 32 GB DDR4 memory
- AC power supply:
Overview:
VELOS efficiently manages and secures your most demanding applications and continues the industry leadership for Layer 4-7 throughput, connection processing, and SSL/ECC performance. VELOS relies on an API-first architecture and uses a Kubernetes-based platform layer that is tightly integrated with F5’s TMOS software. This fully automatable system aligns with your modern architecture plans.
On-premises
Scale and protect applications at the data center and edge sites.
Colocation
Deploy your apps and clouds at dedicated interconnection points.
Performance and Reliability of Hardware — Agility and Scale of a Modern Architecture
Traffic continues to skyrocket as enterprises and service providers accelerate their digital transformation, resulting in more apps, users, and usage than ever. Meanwhile, the existing hardware platforms in place are rapidly aging. While some customers are “sweating their assets,” many others are at the breaking point due to high operating costs, appliance sprawl owing to so many point products, burdensome manual processes, and increasing support and maintenance issues.
What’s undisputed is that we are living in a cloud-first, software-first world. Yet, many apps still benefit from the predictability, high scalability, performance, and operational simplicity of an integrated and engineered hardware system. With existing hardware platforms, however, customers cannot leverage modern architectures for their new apps that unlock the benefits of being built with DevOps-friendly microservices—not without forcing operations teams to perform all the systems engineering and manage the resulting complexity.
The F5 VELOS platform is the next generation of F5’s industry-leading chassis-based systems, which deliver unprecedented performance and scalability in a single application delivery controller (ADC). As with VIPRION, F5’s existing chassis-based system that has been in the market for more than 10 years, customers can seamlessly scale capacity by adding modular blades in a chassis, without disrupting users or applications, rather than having to install and configure new appliances. Now, VELOS can also bridge traditional and modern application architectures by supporting a mix of traditional F5 BIG-IP tenants as well as next-generation BIG-IP Next tenants in the future, which will unleash the true power of running on a microservices-based architecture.
Modern Platform Software Eases Your Transition
VELOS relies on a Kubernetes-based platform layer (F5OS) that is tightly integrated with F5 TMOS software, aligning with your modern architecture plans. Going to a microservice-based platform layer allows VELOS to provide new and exciting features that were not possible in previous generations of F5 BIG-IP platforms.
Administrators won’t have to worry about learning Kubernetes or microservices concepts. They only need to know that it’s what powers the new platform and that it’s abstracted, so an administrator can manage it via familiar CLI, GUI, and API interfaces. This means you can simultaneously run tenants with the current generation of BIG-IP software with more modern microservice-based BIG-IP software that will be introduced in the future. In addition, as you shift workloads among on-premises and cloud environments, you will not need to perform time-consuming migrations with heavily refactored apps.
VELOS is a flexible system that allows you to plug in both current and future versions of BIG-IP, making it easier to use multiple versions of BIG-IP. VELOS is more aligned to modern architectures, allowing you to future-proof your deployments and environments. With VELOS, you can leverage F5OS to manage BIG-IP tenants and app services for containerized apps.
Key Benefits
Get More Done with Automation
Reduce your current deployment time from weeks to minutes and improve operational agility with an API-first architecture that powers automation.
Unmatched Performance for Improved ROI
Manage and protect demanding apps with industry-leading Layer 4 and Layer 7 performance and SSL processing power.
Infrastructure Reliability and Business Continuity
Achieve business continuity with fully isolated traffic using multiple layers of tenancy and ensure our apps are always available and secure with enterprise-grade platform redundancy.
Lower Operating Costs
Slash your total cost of ownership up to 3X with far greater price/performance, device consolidation, and multi-tenant scale.
Introducing BIG-IP Next: Modern Application Delivery on VELOS
F5’s next-gen software, BIG-IP Next, leverages powerful declarative APIs to make it faster and easier for DevOps, NetOps, and other BIG-IP-reliant teams to manage and automate their BIG-IP deployments. The completely rearchitected software layer and modern framework provides the basis for significantly improved control plane scale and performance, reduced cloud footprint for lower operational costs, and rapid instance upgrades.
Carrying forward the comprehensive suite of advanced BIG-IP functionality developed over the past 20 years, BIG-IP Next will continue to deliver everything from application security and access controls to local and global traffic management—and will be available across the same breadth of deployment and consumption models as its predecessor.
When fully mature, BIG-IP Next will offer the following benefits on VELOS:
- Accelerate time-to-market using a highly automatable, API-first design that enables automation-driven device onboarding and seamless application services configuration via declarative APIs.
- Reduce cloud total cost of ownership with optimized, right-sized instances that reduce annual spend and a containerized core that splits feature-modules into individual units, permitting teams to select, choose, and deploy only the functions required.
- Handle extensive application portfolios and complex, resource-intensive app configurations thanks to a highly scalable control plane.
- Reduce application downtime with rapid, hitless upgrades that can be performed while maintaining all existing operations and without disrupting traffic flows or diminishing application availability.
- Maintain a cutting-edge security posture with accelerated and incremental feature delivery software releases every three months–twice as often as TMOS feature releases.
- Continue using the advanced suite of app services and modules you know and trust as the majority of capabilities are carried forward with BIG-IP Next.
Predicatable Performance and Maximum Scale for Demanding Applications
F5 has always provided the highest performance ADCs with chassis-based systems since the introduction of F5 VIPRION(r) Platform more than a decade ago. As the next-generation chassis, VELOS continues this industry leadership for Layer 4–7 throughput, connection processing, and SSL TPS (RSA / ECC) performance, letting you more efficiently manage and secure your most demanding applications, offload web and app servers, and consolidate infrastructure within the same VIPRION footprint. VELOS delivers the highest performance per rack unit as well as multi-Tbps L4–7 throughput with a fully non-blocking backplane.
In addition, as a fully integrated and tested system, VELOS enables you to gain predictable performance for your applications. As a result, you no longer have to engineer your own application stack with different combinations of server hardware and operating software, hypervisors, ADC software, and so on.
Make Automation Standard Practice
With the demands of your business, you are under pressure to move faster to deploy and scale applications. Now, you don’t need to implement software-only infrastructure to take advantage of CI/CD toolset integration, declarative APIs, and telemetry-based implementations. With its API-first architecture, VELOS provides a fully automatable system that can deliver the agility you need today.
With VELOS, you can take advantage of the F5 Automation Toolchain. Automation Toolchain offers a way to simplify and streamline your F5 portfolio with simple, yet powerful declarative interfaces that minimize F5 knowledge requirements, reduce errors, increase deployment velocity, and make workflows more repeatable. Automation Toolchain is comprised of a unified set of REST API endpoints that are built using human-readable JSON source of truth documents installed on BIG-IP or on BIG-IQ Centralized Management in any environment where those solutions are supported. The Automation Toolchain makes it faster, easier, and more programmatic to configure and deploy F5 application delivery and security services.
In addition, BIG-IP Next on VELOS completes the transition away from imperative APIs (iControl)—where individual commands must be arduously sequenced together to automate simple tasks—to an entirely declarative model where desired end-state declarations built around use cases are all that is required to automatically stand-up or configure instances. This shift not only makes it faster to deploy and configure applications, but also replaces the need for extensive domain knowledge—making it easier to automate tasks.
Gain BIG-IP Management and Visibility with BIG-IQ and BIG-IP Next Central Manager
F5 BIG-IQ allows you to take an application-centric approach to core IT—networking, development, and deployment—with a unified tool for managing your F5 application delivery and security portfolio, including VELOS. BIG-IQ extends the operability and value of your F5 investment with the ability to create, configure, deploy, analyze, orchestrate, troubleshoot, upgrade, and patch the entire F5 security and application delivery services portfolio. BIG-IQ supports management of BIG-IP physical and virtual devices, both locally and in the cloud, including third-party certificate management. From per-app virtual editions to traditional hardware appliances, BIG-IQ makes it possible to gain deep visibility into F5 services and devices, build native and third-party integrated automation workflows, simplify configuration and deployment tasks, assign role-and-user-specific permissions, and ensure every team— and every app—has the resources required for optimal performance.
With the launch of BIG-IP Next, customers gain centralized control and visibility with F5 BIG-IP Next Central Manager. Designed to simplify management, monitoring, and visualization of BIG-IP Next infrastructure and services through an intuitive user interface, BIG-IP Next Central Manager reduces the complexity, and therefore time, needed to perform critical tasks and workloads. BIG-IP Next Central Manager is your single source of truth for managing workflows, ensuring consistency, and enforcing compliance.
Built on a highly scalable, microservices architecture, BIG-IP Central Manager can run on vSphere, KVM, or OpenStack on an x86 server to most cost-effectively manage all your BIG-IP Next instances. Key functionality includes:
- Full instance lifecycle management
- Policy, compliance management, and security enforcement
- GUI and API-driven service provisioning and troubleshooting
- Detailed visibility and analytics
- Automation leveraging BIG-IP Application Services Extension (AS3) and F5 Application Services Template (FAST)
Increased Performance and Greater Agility with Programmable System Resources
VELOS offers even more hardware-accelerated performance than previous generations with blades, with double the field-programmable gate array (FPGA) chipsets, and with FPGA technology tightly integrated with the TMOS technology and software. This means that, for specific use cases, you can avoid CPU-exhaustion scenarios and gain performance that you cannot replicate on any other system with similar resources.
VELOS uses a new generation of hardware with the latest Intel processing for CPUs. VELOS uses two FPGAs, the Application Traffic Services Engine (ATSE) and the VELOS Queuing FPGA (VQF). The newer generation Intel chipsets provide more modern SSL cipher support and can offload elliptical curve cryptography (ECC)-based ciphers in hardware. F5 embedded Packet Velocity Acceleration (ePVA) is used to offload varying workloads from FASTL4 to DDoS mitigation. FPGA technology enables high-performance capabilities tightly integrated with the F5OS technology and software.
They include:
- SSL and compression offload
- L4 offload, enabling leading throughput rates and reduced loads on software.
- Hardware-accelerated SYN flood protection.
- Hardware detection and mitigation of more than 100 types of denial-of-service (DoS) and DDoS attacks.
- Support for F5 IP Intelligence Services, with denylist, allowlist, and temporaryrejection capabilities.
Multi-Tenancy Security with Full Isolation
Virtualization and multi-tenant architectures are often implemented to address business and topological requirements, such as being able to consolidate services or acquire or merge existing networks. Organizations need to know that significant security mechanisms are built into these architectures. Enterprises seeking the CapEx gains that virtualization offers often run applications that have differing security requirements.
Essentially a dedicated hypervisor for F5 hardware platforms, F5’s Virtual Clustered Multiprocessing (vCMP) technology gives organizations a virtualization strategy for application delivery and isolating multi-tenant environments. Chief information security officers want to know how secure the vCMP technology is. Managed service providers need to be able to completely assure their downstream customers that their network traffic cannot be seen or manipulated by other customers hosted on the same physical device.
F5 developed the vCMP technology originally for VIPRION with these factors in mind, while preserving the high availability, speed, and performance that are the hallmarks of all F5 products. VELOS continues to support—and improve on—the vCMP technology that is such a benefit to many customers.
VELOS supports flexible multi-tenancy options across system resources with its vCMP technology and enables even more multi-tenancy density than was previously achievable with VIPRION. This allows customers to achieve greater ROI on its new F5 hardware investments, because system resources can be allocated more effectively.
Multi-tenancy enables many other benefits. For example, customers gain the ability to host many different BIG-IP tenants on the same chassis, which may vary in terms of supported versions and licensed software modules, depending on the needs of the particular applications or business requirements. Each tenant can be independently upgraded or patched without impacting other tenants. In addition, multi-tenancy and administrative partitions deliver full tenant isolation and failure independence of traffic, data, and administrative access for unmatched tenant isolation.
Edge Computing Solutions for Service Providers
Globally, service providers are investing heavily in 5G networks and in trying to win the battle for both the consumer and business markets. Increased throughput and reduced latency are the key drivers for the network edge, particularly for video applications for example that are straining today’s networks. Combined with this, service providers also need to develop new consumption models and revenue generating services to stay competitive. A flexible, secure, high-performance solution is required.
VELOS provides hardware assisted L4 offload, native, high-performance security services to protect public-facing websites and data center applications from distributed, multi-layer cyberattacks through BIG-IP Advanced Firewall Manager™ (AFM), and hardware assisted DDoS mitigation of DDoS vectors, per endpoint DoS protection and wildcard VS SYN cookie protection. BIG-IP Carrier-Grade NAT (CGNAT) eases IPv6 migration and improve network scalability with IPv4 address management. Combine BIG-IP CGNAT and other functions for a secure, subscriber-aware network firewall that masks subscriber addresses, or as part of an optimized N6 / S/Gi-LAN solution.
BIG-IP Policy Enforcement Manager (PEM) can create differentiated services and manage traffic by leveraging subscriber and application awareness and implement policies to enforce them. Furthermore, the solution is Network Equipment Building Systems (NEBS) compliant. A requirement in the USA, NEBS standards are used all over the world for commercial, utility, and defense applications. The standards are designed to ensure that the equipment continues to work at extreme temperatures, or after an extreme event, such as an earthquake or a severe thunderstorm.
Maximum Reliability
The reliability of your application infrastructure has never been as important as it is today. VELOS was designed from the ground up to provide maximum system reliability for your apps. VELOS uses two redundant system controllers, which can be paired in active-active or activestandby modes for fast failover. All common system components, such as power supplies and fans, also were designed with redundancy in mind. If one triggers an event, the other one keeps going. Administrators can swap out a failed module without disrupting system/no restart. They can also add or remove chassis blades without disrupting users or apps, and configure blades for N+N failover scenarios as well as failover to another VELOS chassis.
F5 duplicates system resources to avoid the type of catastrophic failures that are possible with other chassis-based designs. Every blade has two interfaces that are connected to separate system controllers via the backplane interface. This forms an active-active type connectivity on the backplane while the control/management plane is still activestandby, providing the redundancy across the system controllers. When a customer starts configuring and accessing the chassis, the floating point management IP lands on the primary controller. Without the customer having to duplicate the configuration, the second controller automatically syncs the configurations, licenses, orchestration info, logging, and so on with the primary controller, allowing the customer to manage just one device, and not both.
Migrating to VELOS
Developed to facilitate effortless shifts between BIG-IP solutions, the F5 Journeys Migration Tool can be used to simplify and accelerate migrations to VELOS. Journeys assists users in adopting newer platforms by providing a frictionless migration experience. It allows users to migrate from any source platform (F5 chassis, appliance, or VE) running any BIG-IP software version (on or above 11.x) to the platform of their choice. The tool assists in checking feature compatibility issues between different platforms and software versions, identifying and troubleshooting migration issues, and reducing overall complexity and time spent on migration.
F5’s Journeys Migration Tool within BIG-IP Central Manager also drastically reduces the time and effort required to convert existing BIG-IP configurations into configurations that are compatible with BIG-IP Next. Using BIG-IP AS3 as the foundation for this process, the tool transforms User Configuration Set (UCS) files or BIG-IP AS3 declarations describing some BIG-IP use case configurations into BIG-IP AS3 declarations that replicate these configurations on BIG-IP Next. This process can be performed on a per-app basis, allowing migrations to be performed at the user’s pace. Work with your F5 account manager to determine when it’s appropriate to transition to BIG-IP Next with F5 Journeys based on your use case.