F5 VIPRION 2400
Up to Four B2250 Blades to its Chassis

The Advantages of VIPRION Technology:

With VIPRION, your organization benefits from the unique F5 ScaleN architecture and patented hardware and software innovations that offer unmatched capabilities.

ScaleN architecture provides the ability to scale performance on demand, virtualize, or horizontally cluster multiple VIPRION chassis, creating an elastic Application Delivery Networking infrastructure that can efficiently adapt as your business needs change.

On-demand scaling improves performance

Increase resource capacity and performance with on-demand scaling, where you can simply add more power to your existing infrastructure instead of adding more devices. VIPRION chassis provide true linear scalability through modular blades that use F5 Clustered Multiprocessing (CMP) technology. As blades are added, their CPU resources, network interfaces, SSL, and compression processing power all automatically become available as the configurations and policies are copied to the new blades from the master blade.

Operational scaling enables consolidation

F5 is able to virtualize services with a multi-tenant architecture that supports a variety of BIG-IP versions and product modules on a single device. Multi-tenant device virtualization is provided by F5’s unique Virtual Clustered Multiprocessing (vCMP) technology, which enables VIPRION to run multiple BIG-IP guest instances. Each BIG-IP guest instance looks and acts like a physical BIG-IP device, with a dedicated allocation of CPU, memory, and other resources. vCMP offers per-guest rate limiting for bandwidth and SSL, enabling customers to achieve different performance levels for each guest.

Each vCMP guest can further be divided using multi-tenant features such as partitions and route domains, which can isolate configuration and networks on a per-virtual-domain basis. Within each virtual domain, organizations can further isolate and secure configuration and policies by using a role-based access system for greater administrative control.

The ability to virtualize BIG-IP ADC services means service providers and enterprise users can isolate based on BIG-IP version, enabling departmental or project-based tenancy as well as performance guarantees, while getting the benefits of managing a single, consolidated application delivery platform and increased utilization of VIPRION systems.

Application scaling boosts capacity and resiliency

Increase capacity by adding BIG-IP resources through an all-active approach. With application scaling, you can scale beyond the traditional device pair to eliminate the need for idle and costly standby resources. Application scaling achieves this through two forms of horizontal clustering: Application Service Clustering, which focuses on application scalability and high availability, and Device Service Clustering, designed to efficiently and seamlessly scale BIG-IP application delivery services.

Application Service Clustering delivers load-aware, application-level failover and comprehensive connection mirroring for a highly available cluster of up to eight heterogeneous devices. Workloads can be moved across a cluster of devices or virtual instances without interrupting other services and can be scaled to meet demand.

Device Service Clustering can synchronize full device configurations in an all-active deployment model, enabling consistent policy deployment and enforcement across devices up to 32 active nodes. This ensures a consistent device configuration that simplifies operations.

The ScaleN architecture provides the ultimate flexibility to scale on demand, virtualize, and deliver application scaling through device clusters.

VIPRION 4800 and VIPRION 4480 chassis: The VIPRION 4800 chassis supports up to eight blades, and the VIPRION 4480 chassis supports up to four blades. The VIPRION 4450 blade has 24 processor cores (a total of 48 hyperthreaded logical processing cores), and the VIPRION 4300 blade has 12 processor cores (a total of 24 hyperthreaded logical processing cores).

VIPRION 2400 and VIPRION 2200 chassis: The VIPRION 2400 chassis can support up to four 2150 or 2250 blades. The VIPRION 2200 chassis can support two 2150 or 2250 blades. The VIPRION 2250 blade has 10 processor cores (a total of 20 hyperthreaded logical processing cores), and the VIPRION 2150 blade has four processor cores (a total of eight hyperthreaded logical processing cores).

Note: Only the same type of supported blades are enabled for traffic processing in each chassis. Different blade models cannot be mixed within the same chassis. Only optics provided by F5 are supported.

Virtualized processing fabric shares the load across blades

Using custom disaggregation, high-speed bridge FPGAs, and advanced Clustered Multiprocessing (CMP) design, VIPRION shares the processing load not just within a blade, but across the entire chassis. The physical interfaces are fully meshed. Any port on any blade can be used for any application, so the system can be wired for redundancy and simplicity.

Clustered management cuts administration time

Spend less time managing your Application Delivery Network. To administrators, the VIPRION unit looks like a single ADC. One blade is automatically selected as the primary, and all settings and controls are mirrored to the other blades. When a new blade is plugged in, it will install the firmware version from the primary blade, copy all of its settings, and begin processing traffic within minutes.

SuperVIP simplifies the network

Rather than requiring that a single, demanding application be segmented, VIPRION uses F5 SuperVIP. This is a virtual IP that can span multiple blades within the VIPRION system. A demanding application will use SuperVIP to harness the processing power of all the blades in the system.

TMOS delivers performance and flexibility

At the heart of VIPRION is the F5 unique operating system called TMOS that provides a unified system for optimal application delivery, giving you total vision, flexibility, and control across all services. TMOS empowers VIPRION to intelligently adapt to the diverse and evolving requirements of applications and networks.

Hardware DDoS approach mitigates attacks

F5 uses a collaborative software SYN cache and hardware SYN cookie approach to protect against large-scale SYN flood DDoS attacks. Using the embedded Packet Velocity Acceleration (ePVA) FPGA, select VIPRION platforms provide significantly higher performance (up to 640 million SYN cookies per second) over a pure software implementation.

When a SYN flood is detected, the ePVA turns on the F5 SYN Check feature to prevent invalid sessions from getting to the servers or exhausting blade resources. SYN Check is unique in that it can be applied on a per-virtual-IP/application basis, meaning if one application is under attack, the others are not affected. F5 is the only ADC that implements hardware-based SYN cookies in L4 and full-proxy L7 mode.

Blade options enable superior performance and security

Given constantly increasing demands for connectivity and growing concerns about tenacious and complex attacks, service providers and enterprises need solutions that keep up. VIPRION blade options deliver flexibility and efficient scaling capabilities. Notably, these options include the purpose-built 4450 blade, which is Network Equipment-Building Systems (NEBS) compliant and offers two 100 GbE ports and six 40 GbE ports for superior efficiency, throughput, and performance. In a fully loaded VIPRION 4800 eight-blade chassis, the 4450 blade supports around 1.2 billion concurrent connections to scale for today’s Internet of Things and into the future.

The 4450 blade is the first ADC to provide 100 GbE ports in the QSFP28 form factor, the leading form factor for data centers adopting 100 GbE, providing the smallest footprint and lowest power consumption of any 100 GbE form factors. The 4450 blade delivers significant performance improvements for 2K keys with SSL as well as for ECC, enhancing PFS capabilities.

The 4450 blade’s advanced FPGAs significantly improve CPU utilization and expand whitelisting, blacklisting, and graylisting capabilities. The software-defined hardware capabilities of the FPGAs, memory, and hardware search enable the VIPRION 4450 blade to efficiently deliver software-defined networking (SDN), providing CPU offloading, optimization, and adaptability, while simplifying the migration to network function virtualization (NFV). The 4450 blade also supports up to 12 vCMP guests for multi-tenant app and security services architectures.

The VIPRION 4450 blade, in conjunction with the VIPRION 4480 or 4800 chassis, enhances performance, enables dynamic resource allocation, and maximizes service consolidation. The superior performance and capacity scale in linear fashion with each additional blade, and traffic begins being processed automatically after a blade addition. When deployed with BIG-IP Advanced Firewall Manager (AFM), F5’s high-performance, stateful, full-proxy firewall, the 4450 blade quickly ramps to mitigate even the worst DDoS attacks, distinguishing between malicious and legitimate connections and discarding malicious connections before they can devastate network resources. When combined with BIG-IP Application Security Manager (ASM), F5’s agile, scalable web application firewall, the solution can mitigate and defend against nearly any L7 attack, too.

VIPRION 2250 Blades:

The purpose-built VIPRION 2250 blade delivers four 40GbE ports and supports 48M concurrent connections with 80Gbps of L4 throughput. In the VIPRION 2400 or 2200 chassis, the 2250 blade delivers significant SSL performance, advanced FPGAs, CPUs, and memory that handles and efficiently addresses enterprise data center, private cloud, and software-defined networking (SDN) needs. The 2250 blade incorporates enterprise-class, solid-state drive (SSD) storage for improved disk i/o performance and reliability. For Layer-4 centric workloads like CGNAT and traffic management, users can select an optimized performance profile that approximately doubles the throughput to 155Gbps.
*Compatible with the VIPRION 2400 and VIPRION 2200 chassis.

*Requires TMOS v11.6 and selecting L4 Performance Optimized FPGA firmware configuration option (see BIG-LTM Manual on askf5.com for specific instructions).

Specifications:

Services:

F5 Global Services

F5 Global Services offers world-class support, training, and consulting to help you get the most from your F5 investment. Whether it’s providing fast answers to questions, training internal teams, or handling entire implementations from design to deployment, F5 Global Services can help ensure your applications are always secure, fast, and reliable.

Documentation:

Download the F5 VIPRION Platforms Datasheet (.PDF)