VIPRION | F5 Datasheet

VIPRION | F5 Datasheet

VIPRION

DATASHEET

What’s Inside

2 Increase Intelligence, Not

Operating Costs

2 Simplify Your Network

2 Maximize Large-Scale

Application and Firewall

Performance

3 Achieve Ultimate Reliability

3 The Advantages of VIPRION

Technology

7 VIPRION Platforms

11 F5 Global Services

11 More Information

The On-Demand Application

Delivery Controller

Your organization’s growing infrastructure puts more pressure on the network—from rising numbers of users to data center consolidation to the deployment of more featurerich applications. Scaling the Application Delivery Network (ADN) to meet these evolving needs means increased operational cost and complexity. The resulting strain on resources can limit your organization’s ability to react quickly to developing needs.

Each F5

®

VIPRION

®

platform is a single, powerful Application Delivery Controller (ADC) with modular performance blades you can add or remove with no disruption to your applications. Instead of adding more devices in the network and segmenting applications, you can simply add more power to your existing infrastructure as needs arise. VIPRION gives you the scalability you need to establish a solid and sustainable ADN growth strategy.

Key benefits

Reduce costs

Decrease OpEx and CapEx with the F5 ScaleN

™ architecture, which provides the unique flexibility to scale on demand, virtualize, and deliver application scaling in a device cluster.

Maximize performance

Manage and protect demanding apps with industry-leading layer 4 and layer 7 performance and SSL processing power.

Consolidate devices

Reduce the number of servers and ADCs along with power, space, cooling, and management requirements.

Achieve ultimate reliability

Make the ADN always available with redundancy at both the chassis and blade levels.

DATASHEET

VIPRION

VIPRION 4800 Chassis

VIPRION 4480 Chassis

VIPRION 2400 Chassis

VIPRION 2200 Chassis

VIPRION blades can be added or removed without disruption.

For more processing power, simply add a blade. It starts processing traffic automatically.

In a VIPRION system with multiple blades, you can remove a blade and the others instantly take over the processing load.

2

Increase Intelligence, Not Operating Costs

As your growing infrastructure requires more processing power for layer 4 and layer 7 processing, SSL, compression, and more, you can simply add a blade to the VIPRION chassis and it will start processing traffic automatically. Whether you’re using one blade or four, VIPRION remains one device with fixed management costs.

Simplify Your Network

VIPRION can help you simplify your network by offloading servers and consolidating devices, saving management costs as well as power, space, and cooling in the data center.

With VIPRION’s massive performance and scalability, you can reduce the number of

Application Delivery Controllers you need to deliver even the most demanding applications.

By offloading computationally intense processes, VIPRION can significantly reduce the number of application servers needed. VIPRION includes:

• SSL hardware acceleration—Offloads costly SSL encryption. Accelerates key exchange and bulk encryption to provide best-in-market SSL performance.

• Hardware compression—Enables you to cost effectively offload traffic compression processing from your servers. Improves page load times and reduces bandwidth utilization.

• F5 OneConnect™ connection pooling—Aggregates millions of TCP requests into hundreds of server-side connections. Increases server capacity and ensures requests are handled efficiently by the back-end system.

Maximize Large-Scale Application and Firewall Performance

With its industry-leading layer 4/7 throughput, connection processing, and SSL performance,

VIPRION can manage the most demanding applications, offload the servers, and consolidate the Application Delivery Network. In addition, as an ICSA Labs Certified firewall solution,

F5 BIG-IP

®

Advanced Firewall Manager ™ (AFM) on VIPRION provides native, high-performance network firewall services to protect public-facing websites and data center applications from distributed, multi-layer cyber attacks.

VIPRION high-performance and distributed denial-of-service (DDoS) protection capabilities are enabled through field-programmable gate array (FPGA) technology tightly integrated with the F5 traffic management operating system and software.

F5 embedded Packet Velocity

®

Acceleration (ePVA) FPGA delivers:

• High-performance interconnect between Ethernet ports and processors.

• L4 offload, enabling leading throughput and reduced load on software.

• Hardware-accelerated SYN flood protection.

• Hardware detection and mitigation of more than 65 types of denial-of-service (DoS) attacks.

• Native network overlay (VXLAN/NVGRE) support.

• Hardware-enabled DNS caching hyperscales responses for fast service and app delivery

(B2250).

• User selectable hardware profiles that enable different performance levels for targeted workloads. Initial profile options include optimized L4 throughput on select platforms for CGNAT or L4-centric traffic management solutions.

DATASHEET

VIPRION

With F5 Virtual Clustered

Multiprocessing,™ multiple virtual BIG-IP instances can be run on the VIPRION platform, each with dedicated CPU/ memory resources allocated by the user.

APP APP APP

APP APP APP

APP APP APP APP APP APP

Device and Application Service

Clustering provides true scale out of BIG-IP devices, automatic configuration syncing, and failover of specific application workloads in an active N+1 device cluster.

Achieve Ultimate Reliability

In a VIPRION system with multiple blades, you can remove a blade without disruption.

The other blades will instantly take over the processing load. You can also deploy VIPRION in an active/standby configuration to add another level of redundancy. The chassis is built with redundant power supplies and field swappable components. This multi-layered redundancy significantly reduces the possibility of downtime.

The Advantages of VIPRION Technology

With VIPRION, your organization will benefit from the unique F5 ScaleN architecture and patented hardware and software innovations that offer unmatched capabilities.

ScaleN architecture provides you with the ability to scale performance on demand, virtualize, or horizontally cluster multiple VIPRION chassis, creating an elastic Application Delivery

Networking infrastructure that can efficiently adapt as your business needs change.

On-demand scaling improves performance

Increase resource capacity and performance with on-demand scaling, where you can simply add more power to your existing infrastructure instead of adding more devices.

VIPRION chassis provide true linear scalability through modular blades that use F5 Clustered

Multiprocessing

(CMP) technology. As blades are added, their CPU resources, network interfaces, SSL, and compression processing power are all automatically available as the configurations and policies are copied to the new blades from the master blade.

Operational scaling enables consolidation

F5 is able to virtualize (ADC) services with a multi-tenant architecture that supports a variety of BIG-IP versions and product modules on a single device. Multi-tenant device virtualization is provided by F5’s unique Virtual Clustered Multiprocessing (vCMP) technology, which enables VIPRION to run multiple BIG-IP guest instances. Each BIG-IP guest instance looks and acts like a physical BIG-IP device, with a dedicated allocation of CPU, memory, and other resources. vCMP offers per-guest rate limiting for bandwidth and SSL, enabling customers to achieve different performance levels for each guest.

Each vCMP guest can further be divided using multi-tenant features such as partitions and route domains, which can isolate configuration and networks on a per-virtual-domain basis.

Within each virtual domain, organizations can further isolate and secure configuration and policies by using a role-based access system for greater administrative control.

The ability to virtualize BIG-IP ADC services means providers and enterprise users can isolate based on BIG-IP version, enabling departmental or project-based tenancy as well as performance guarantees, while getting the benefits of managing a single, consolidated application delivery platform and increased utilization of VIPRION systems.

Application scaling boosts capacity and resiliency

Increase capacity by adding BIG-IP resources through an all-active approach. With application scaling, you can scale beyond the traditional device pair to eliminate the need for idle and costly standby resources. Application scaling achieves this through two forms of horizontal clustering: Application Service Clustering, which focuses on application scalability and high availability, and Device Service Clustering, designed to efficiently and seamlessly scale BIG-IP application delivery services.

3

DATASHEET

VIPRION

VIPRION 4800 Chassis

VIPRON 4480 Chassis

(fan tray)

VIPRION 4480 Chassis

(power supplies)

VIPRION 2200 Chassis

(power supplies)

The VIPRION chassis has field-replaceable parts and redundant power supplies, significantly reducing the possibility of downtime.

Application Service Clustering delivers load-aware, application-level failover and comprehensive connection mirroring for a highly available cluster of up to eight heterogeneous devices. Workloads can be moved across a cluster of devices or virtual instances without interrupting other services and can be scaled to meet the business demand.

Device Service Clustering can synchronize full device configurations in an all-active deployment model, enabling consistent policy deployment and enforcement across devices up to 32 active nodes. This ensures a consistent device configuration that simplifies operations. vCMP

Operational Scaling

+ Multi-Tenant Virtualization

VIPRION Platform

On-Demand

Scaling

VIPRION Platform

Application Scaling

The ScaleN architecture provides the ultimate flexibility to scale on demand, virtualize, and deliver application scaling through device clusters.

CPUs ePVA

CPUs

High Speed Bridge

Disaggregator Switch Fabric

CPUs

High Speed Bridge

CPUs ePVA

Disaggregator Switch Fabric

Client

Disaggregator ePVA

Switch Fabric

High Speed Bridge

Disaggregator Switch Fabric

High Speed Bridge ePVA

Servers

CPUs CPUs CPUs CPUs

VIPRION 4480 with four 4300 blades: The VIPRION 4300 blade has 12 processor cores (a total of 24 hyperthreaded logical processing cores), and the VIPRION 4480 chassis can support four blades.

The VIPRION 4800 chassis can support eight 4300 blades.

4

DATASHEET

VIPRION

5 ePVA

Disaggregator

CPUs

High Speed Bridge

Switch Fabric

CPUs

High Speed Bridge

Disaggregator ePVA

Switch Fabric

Client

Disaggregator ePVA

Switch Fabric

High Speed Bridge

Servers

CPUs

VIPRION 2400 with four 2250 blades: The VIPRION 2150 blade has four processor cores (a total of eight hyperthreaded logical processing cores), and the 2250 blade has 10 processor cores (a total of

20 hyperthreaded logical processing cores). The VIPRION 2400 chassis can support up to four 2150 or 2250 blades. The VIPRION 2200 chassis can support two 2150 or 2250 blades.

Note: Only the same type of supported blades are enabled for traffic processing in each chassis.

Virtualized processing fabric shares the load across blades

Using custom disaggregation, high-speed bridge FPGAs, and advanced Clustered

Multiprocessing (CMP) design, VIPRION shares the processing load not just within a blade, but across the entire chassis.

The physical interfaces are fully meshed. Any port on any blade can be used for any application, so the system can be wired for redundancy and simplicity.

Clustered management cuts administration time

Spend less time managing your Application Delivery Network. To administrators, the

VIPRION unit looks like a single ADC. One blade is automatically selected as the primary, and all settings and controls are mirrored to the other blades. When a new blade is plugged in, it will install the firmware version from the primary blade, copy all of its settings, and begin processing traffic within minutes.

SuperVIP simplifies the network

Rather than requiring that a single, demanding application be segmented, VIPRION uses

F5 SuperVIP

®

. This is a virtual IP that can span multiple blades within the VIPRION system.

A demanding application will use SuperVIP to harness the processing power of all the blades in the system.

TMOS delivers performance and flexibility

At the heart of VIPRION is the F5 unique operating system called TMOS

®

that provides a unified system for optimal application delivery, giving you total vision, flexibility, and control across all services. TMOS

®

empowers VIPRION to intelligently adapt to the diverse and evolving requirements of applications and networks.

DATASHEET

VIPRION

Hardware DDoS approach mitigates attacks

F5 uses a collaborative software SYN cache and hardware SYN cookie approach to protect against large-scale SYN flood DDoS attacks. Using the embedded Packet Velocity

Acceleration (ePVA) FPGA, select VIPRION platforms provide significantly higher performance

(up to 640 million SYN cookies per second) over a pure software implementation.

When a SYN flood is detected, the ePVA turns on the F5 SYN Check

feature to prevent invalid sessions from getting to the servers or exhausting blade resources. SYN Check is unique in that it can be applied on a per-virtual-IP/application basis, meaning if one application is under attack, the others are not affected. F5 is the only ADC that implements hardware-based SYN cookies in L4 and full-proxy L7 mode.

6

DATASHEET

VIPRION

VIPRION Platforms

Each VIPRION system consists of a chassis and one to eight blades.

Specifications

Dimensions:

Weight:

Power Supply:

Operating Temperature:

Relative Humidity:

Safety Agency Approval:

Certifications/Susceptibility

Standards

VIPRION 4800 Chassis

27.8” (70.6 cm) H x 17.4” (44.2 cm) W x 21.25” (54.0 cm) D

16U industry standard rack-mount chassis

126 lbs. (57.2 kg)

(2 power supplies, 2 fan trays, 8 blanks)

One to four 200 VAC to 240 VAC (2600W) auto ranging

(80+ Gold Efficiency) (2 power supplies included)

18A per input (max)

DC power (option)

One to four 2600W -44 to -72 VDC

80A per input maximum per supply

Note: Please refer to the Platform Guide: VIPRION 4800 on askf5.com for the latest specific AC power ratings.

32° to 104° F (0° to 40° C)

5 to 85% at 104° F (40° C)

UL 60950 (UL1950-3)

CSA-C22.2 No. 60950-00

(bi-national standard with UL 60950)

CB test certification to IEC 950 EN 60950

EN55022 1998 Class A

EN55024 1998 Class A

FCC Part 15B Class A

VCCI Class A

VIPRION 4480 Chassis

12.2” (30.9 cm) H x 17.4” (44.2 cm) W x 21” (53.3 cm) D

7U industry standard rack-mount chassis

87 lbs. (39.5 kg)

(4 power supplies, 1 fan tray, 3 blanks)

One to four 90 VAC (1200W) to 240 VAC (2000W) auto ranging

20A per input line (max)

DC power (option)

One to four 1200W -36 to -72 VDC

10 to 40A maximum per supply

Note: Please refer to the Platform Guide: VIPRION 4400 on askf5.com for the latest specific AC power ratings.

32° to 104° F (0° to 40° C)

5 to 85% at 104° F (40° C)

UL 60950 (UL1950-3)

CSA-C22.2 No. 60950-00

(bi-national standard with UL 60950)

CB test certification to IEC 950 EN 60950

EN55022 1998 Class A

EN55024 1998 Class A

FCC Part 15B Class A

VCCI Class A

NEBS Certified

7

DATASHEET

VIPRION

Specifications VIPRION 4340N/4300 Blade

Intelligent Traffic Processing:

Hardware DDoS Protection:

Software Architecture:

Virtualization (Max Number of vCMP Guests):

2M L7 requests per second (B4340N)

2.5M L7 requests per second (B4300)

1.1M L4 connections per second (B4340N)

1.4M L4 connections per second (B4300)

14M L4 HTTP requests per second

36M max L4 concurrent connections (B4300)

72M max L4 concurrent connections (B4340N)

80 Gbps L4, 40 Gbps L7

1.2 Gbps included compression

20 Gbps max hardware compression

Included SSL TPS: 12,000/blade

Max SSL TPS: 30,000 (2K keys)

Bulk crypto: 20 Gbps

Note: Compression and SSL resources are allocated evenly across the number of vCMP guests set up.

Hardware SYN cookies: 80M SYN cookies per second

64-bit TMOS

24 in a 4480 chassis, 48 in a 4800 chassis (6 per blade)

Processors:

2 Intel hex (6) core processors (total 24 hyperthreaded logical processor cores)

Memory:

Hard Drive Capacity:

Network Interfaces:

Power Consumption and

Heat Output:

Weight:

96 GB (4340N)

48 GB (4300)

600 GB hard drive

One 10/100/1,000 Mbps Ethernet management port

Eight 1,000 Mbps/10 Gigabit ports (SFP+)

(2 ea. 10GBASE-SR – 850nm transceivers included)

(Optional 1G SFP fiber SX or LX or copper RJ45 transceivers,

10G SFP+ SR or LR, 10G copper direct attach)

Two 40 Gigabit (or eight 10 Gigabit) fiber ports (QSFP+)

(QSFP+ 40GBASE-SR4 100m transceivers sold separately)

(QSFP+ optical breakout cable assemblies available to convert to 10 Gigabit ports)

Note: Only optics provided by F5 are supported.

Note: Please refer to the Platform Guide: VIPRION 4800 or the Platform Guide: VIPRION 4400 on askf5.com for the latest specific blade power ratings.

18.5 lbs. (8.39 kg)

8

DATASHEET

VIPRION

Specifications

Dimensions:

Weight:

Power Supply:

Operating Temperature:

Relative Humidity:

Safety Agency Approval:

VIPRION 2400 Chassis

6.89” (17.5 cm) H x 17.64” (44.8 cm) W x 21.18” (53.8 cm) D

4U industry standard rack-mount chassis

42.5 lbs. (19.3 kg)

(3 blank line cards, 0 power supplies, 0 blades, 1 fan tray)

AC power supply

One to two 100-127 VAC (1200W)/200-240 VAC (1400W) auto ranging (80+ Gold Efficiency)

17A per input line (max)

DC power supply (option)

One to two 1400W 44 to 65 VDC

44A per input (max)

Note: Please refer to the Platform Guide: VIPRION 2400 on askf5.com for the latest specific power ratings.

32° to 104° F (0° to 40° C)

5 to 85% at 104° F (40° C)

EN 60950-1:2006, 2nd Edition

Evaluated to all CB Countries

UL 60950-1, 2nd Edition, CSA C22.2 No. 60950-1-03

Certifications/Susceptibility

Standards

FCC Part 15 Class A

VCCI Class A

EN 300 386 V1.3.2 (2003-05)

EN 55022:2006 + C1:2006

EN 61000-3-2:2000

EN 61000-3-3:1995 +A1:2000

EN 55022:2006 + C1:2006 Class A

EN 61000-3-3:1995 +A1:2000+ A2:2005

EN 55024:1998 +A1: 2001 +A2:2003

VIPRION 2200 Chassis

3.4” (8.6 cm) H x 17.3” (44.0 cm) W x 24.5” (62.2 cm) D

2U industry standard rack-mount chassis

31.0 lbs. (14.1 kg)

(1 blank line card, 0 power supplies, 0 blades, 1 fan tray)

AC power supply

One to two 100-240 VAC (800W)

50/60 Hz auto ranging

10A per input line (max)

DC power supply (option)

Note: Please refer to the Platform Guide: VIPRION 2200 on askf5.com for the latest specific power ratings.

32° to 104° F (0° to 40° C)

5 to 85% at 104° F (40° C)

EN 60950-1:2006 + A11:2009 + A1:2010 + A12:2011

IEC 60950-1:2005, A1:2009

CSA 60950-1-07, Including Amendment 1:2011

ANSI/UL 60950-1-2011

Evaluated to all CB Countries

FCC Part 15 Class A

VCCI Class A

ETSI EN 300 386 V1.5.1 (2010)

EN 55022:2010 Class A

EN 61000-3-2:2006 A1:2009+A2:2009

EN 61000-3-3:2008

EN 55024:2010

EN 55022:2010 Class A

EN 61000-3-2:2006 A1:2009+A2:2009

EN 61000-3-3:2008

9

DATASHEET

VIPRION

Specifications VIPRION 2250 Blade VIPRION 2150/2100 Blade

Intelligent Traffic Processing:

Hardware DDoS Protection:

Software Architecture:

Virtualization (Max Number of vCMP Guests):

2M L7 requests per second

1M L4 connections per second

14M L4 HTTP requests per second

48M max L4 concurrent connections

80 Gbps L7/L4 throughput (C2400)

155* Gbps L4, 80 Gbps L7 throughput (C2200)

1 Gbps included compression

40 Gbps maximum hardware compression

Included SSL TPS: 10,000 TPS (2K keys)

Maximum SSL TPS: 44,000 TPS (2K keys)

Bulk crypto: 36 Gbps

Note: Compression and SSL resources are allocated evenly across the number of vCMP guests set up.

Hardware SYN cookies: 60M SYN cookies per second

64-bit TMOS

80 (4 B2250 blades, 20 per blade)

Processors:

Single Intel 10-core Xeon processor (total 20 hyperthreaded logical processor cores)

Memory:

Hard Drive Capacity:

Network Interfaces:

Power Consumption and

Heat Output:

64 GB

One 800 GB solid state drive

One 10/100/1,000 Mbps Ethernet management port

Four 40 Gigabit (or sixteen 10 Gigabit) fiber ports (QSFP+)

(QSFP+ 40GBASE-SR4 100m transceivers sold separately)

(QSFP+ optical breakout cable assemblies available to convert to 10 Gigabit ports)

Note: Only optics provided by F5 are supported.

Note: Please refer to the Platform Guide: VIPRION 2400 or

Platform Guide: VIPRION 2200 on askf5.com for the latest relevant blade power ratings.

10.0 pounds (4.5 kg)

1M L7 requests per second

400K L4 connections per second

7M L4 HTTP requests per second

12M max L4 concurrent connections (B2100)

24M max L4 concurrent connections (B2150)

40 Gbps L4, 18 Gbps L7

400 Mbps included compression

10 Gbps maximum hardware compression

Included SSL TPS: 4,000/Blade

Maximum SSL TPS: 10,000 TPS (2K keys)

Bulk crypto: 9 Gbps

Note: Compression and SSL resources are allocated evenly across the number of vCMP guests set up.

Hardware SYN cookies: 40M SYN cookies per second

64-bit TMOS

32 (4 B2150 blades, 8 per blade)

16 (4 B2100 blades, 4 per blade)

Single Intel quad core Xeon processor (total 8 hyperthreaded logical processor cores)

32 GB (B2150)

16 GB (B2100)

400 GB solid state drive (B2150)

300 GB 10,000 RPM (B2100)

One 10/100/1,000 Mbps Ethernet management port

Eight 1,000 Mbps/10 Gbps SFP+ ports

(2 ea. 10GBASE-SR – 850nm transceivers included)

(Optional 1G SFP fiber SX or LX) or copper RJ45 transceivers, 10G SFP+ SR or LR, 10G copper direct attach)

Note: Only optics provided by F5 are supported.

Note: Please refer to the Platform Guide: VIPRION 2400 or

Platform Guide: VIPRION 2200 on askf5.com for the latest relevant blade power ratings.

9.5 lbs. (4.3 kg)

*

Weight:

*Requires TMOS v11.6 and selecting L4 Performance Optimized FPGA firmware configuration option (see BIG-LTM Manual on askf5.com for specific instructions).

10

DATASHEET

VIPRION

F5 Global Services

F5 Global Services offers world-class support, training, and consulting to help you get the most from your F5 investment. Whether it’s providing fast answers to questions, training internal teams, or handling entire implementations from design to deployment, F5 Global

Services can help ensure your applications are always secure, fast, and reliable. For more information about F5 Global Services, contact [email protected]

or visit f5.com/support .

More Information

For more information about VIPRION, visit f5.com

to find these resources. For the latest product specifications, see the applicable platform guide on askf5.com

.

Datasheets

BIG-IP Local Traffic Manager

BIG-IP Application Security Manager

BIG-IP DNS

BIG-IP Access Policy Manager

BIG-IP Application Acceleration Manager

BIG-IP Advanced Firewall Manager

BIP-IP Policy Enforcement Manager

BIG-IP Carrier-Grade NAT

White papers

Clustered Multiprocessing: Changing the Rules of the Performance Game

Virtual Clustered Multiprocessing (vCMP)

The Application Delivery Firewall Paradigm

BIG-IP Application Delivery Hardware: A Critical Component

ScaleN: Elastic Infrastructure

Multi-Tenancy Security with vCMP

11

F5 Networks, Inc. 401 Elliott Avenue West, Seattle, WA 98119 888-882-4447 f5.com

Americas [email protected]

Asia-Pacific [email protected]

Europe/Middle East/Africa [email protected]

Japan [email protected]

©2015 F5 Networks, Inc. All rights reserved. F5, F5 Networks, and the F5 logo are trademarks of F5 Networks, Inc. in the U.S. and in certain other countries. Other F5 trademarks are identified at f5.com.

Any other products, services, or company names referenced herein may be trademarks of their respective owners with no endorsement or affiliation, express or implied, claimed by F5. DC0714 DS-BIGIP-41150 0715

Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement