1.5.3. New features¶
Statistics Dashboards
This is the real first step managing data statistics using a DCD (data collection device) evolving toward a true analytics platform. In this guide, we will explore setting up and establishing connectivity using master key to each DCD (data collection device).
- Enabling statistics for each functional area as part of the discovery process. This will allow BIG-IQ to proxy statistics gathered and organized from each BIG-IP device leveraging F5 Analytics iApp service (https://devcentral.f5.com/codeshare/f5-analytics-iapp).
- Configuration and tuning of statistic collections post discovery allowing the user to focus on data specific to their needs.
- Viewing and interaction with statistics dashboard, such as filtering views, differing time spans, selection and drilldown into dashboards for granular data trends and setting a refresh interval for collections.
Auto-scaling in a VMware cloud environment
You can now securely manage traffic to applications in a VMware cloud environment, specifying the parameters in a service scaling group to dynamically deploy and delete BIG-IP devices as needed. BIG-IQ manages the BIG-IP devices that are load balancing to the BIG-IP VE devices in the cloud, as well as to the BIG-IP devices’ application servers.
Auto-scaling in an AWS environment
You can now securely manage traffic to applications in a VMware cloud environment, specifying the parameters in a service scaling group to dynamically deploy and delete BIG-IP devices as needed. You can manage the BIG-IP VE devices from a BIG-IQ system on-premises, or in the cloud. You have the option to use an F5 AWS Marketplace license, or your own BIG-IP license.
BIG-IQ VE deployment in MS Azure
You can now deploy a BIG-IQ VE in a MS Azure cloud environment.
Intuitive visibility for all managed applications
BIG-IQ now provides an overview of all managed applications with the option for a more detailed view of each application. Both the overview and detailed views provide information about the application’s performance, Web Application Security status, and network statistics.
Easy application troubleshooting based on application traffic and security data
You can now enable enhanced analytics to view detailed application data in real-time, which allows you to isolate traffic characteristics that are affecting your application’s performance and security status.
Real-time notifications for monitored devices and applications
You can now receive real time alerts and events for BIG-IP devices and their connected applications. These notifications are integrated into the BIG-IQ UI charts and allow you to pinpoint activities that are currently affecting your application.
Enhanced HTTP and Web Application Security visibility for all applications
You can use the HTTP and Web Application Security Dashboards to monitor all applications managed by BIG-IQ Centralized Management. These dashboards allow you to compare applications, pool members, and other aspects of traffic to your applications. In addition, the enhanced view includes real time events and alerts within the charts, and enhanced analytics data.
Added object and management support for DNS features
Creating, reading, updating, and deleting DNS GSLB objects, and listeners is now supported from the BIG-IQ user interface and the API.
Visibility into managed service scaling groups
An automatically scalable environment of BIG-IP VE devices can be defined to provide services to a set of applications. System administrators of BIG-IQ Centralized Management can monitor performance data for these BIG-IP VE devices.
Enhanced DNS visibility & configuration
BIG-IQ provides the ability to configure and have an enhanced view into DNS traffic, which now includes both peak traffic values and average traffic values over a selected period of time.
Application templates
Enhanced application/service templates that make deployments simple and repeatable.
Security policies and profiles available in applications
You can now add security policies and profiles to applications, including Web Application Security policies, Network Security firewall policies, DoS profiles, and logging profiles.
Automatically deploy policy learning
You can now enable automatic deployment of policy learning using Web Application Security.
Extended ASM/advanced WAF management that includes
- Auto-deploy policy learning
- Brute-force attack event monitoring
- Event correlation
- Manage DataSafe profiles
- Initial ASM and HTTP monitoring dashboards
Enhanced AFM Management
- AFM and DoS event visualization
- Multi device packet tester
- Enhanced debugging
APM enhancements
- Management capabilities for APM Federation through BIG-IQ (SAML, IdP and SP)
- Management capabilities for APM SSO configuration for Web Proxy Authentication Support Through BIG-IQ
Manage cookie protection
You can now manage cookie protection for BIG-IP devices using Web Application Security.
Monitoring dashboard for Web Application Security statistics
You can review Web Application Security policy statistics using a graphical dashboard.
Manage DataSafe profiles
You can now manage DataSafe profiles using Fraud Protection Security.
Enhanced support for NAT firewalls
You can now use the enhanced NAT firewall support in Network Security.
Subscriber support in firewall rules
You can now add subscriber IDs and groups to firewall rules in Network Security for BIG-IP devices that support them.
Firewall testing using packet flow reports
You can now create and view packet flow reports to test firewall configurations in Network Security.
Support for multiple BIG-IP devices with packet tester reports
You can now select multiple BIG-IP devices when generating packet tester reports in Network Security.
Renaming of firewall objects supported
You can now rename firewall objects, such as firewall policies in Network Security.
Enhanced support for DoS profiles, device DoS configurations, and scrubber profiles
You can now manage additional features of DoS profiles, device DoS configurations, and scrubber profiles that are found in BIG-IP version 13.1, such as new vectors, stress-based mitigation, DNS dynamic signatures, and VLAN support in scrubber profiles.
Copying device DoS configurations
You can now copy device DoS configurations from one BIG-IP device to multiple BIG-IP devices with the same version.
Viewing logs for DoS and firewall events in the user interface
You can now configure and view logging of DoS and firewall events, and for DoS events, see that information in a graphical format.
Additional details can be found in the full release notes:
BIG-IP Versions AskF5 SOL with this info:
https://support.f5.com/kb/en-us/solutions/public/14000/500/sol14592.html