What’s coming in BIG-IP Next Access and SSL Orchestrator

Table of Contents

In April, BIG-IP Next version 20.2 was posted to the F5 download site. This is a Limited Availability release that contains Access and SSL Orchestrator functionality on BIG-IP Next.

SSL Orchestrator details

New Functionality/Features

Support for Data Groups

SSL Orchestrator now supports using data groups while defining a policy condition. If you have created a data group in Central Manager, you can select the data group from the value drop-down while defining a policy condition.

Declarative API

An API-first, fully declarative configuration environment, through F5 AS3, Ansible, Terraform, and other options.

Container-native architecture

Divided into container-based software modules, BIG-IP Next accelerates application delivery with app services that can be deployed and managed wherever they’re needed. These services are supported by programmatic interfaces that are declarative and backward compatible. Its architecture enables quicker setup as well as more frequent and simpler upgrading and updating. It streamlines security management, eases purchasing and managing licenses, and robustly protects any app, anywhere.

Supported Deployment Modes/Type:

  • Inbound Application (Layer 3)
  • Inbound Gateway (Layer 3)

Supported Inspection Services:

  • Generic TAP
  • Generic ICAP
  • Generic Inline L3
  • HTTP Transparent Inline
  • HTTP Explicit Inline

Coming Soon (June/July)

Supported Deployment Modes/Type:

  • Outbound Gateway (Layer 3)

Supported Inspection Services:

  • Generic Layer 2

Resources

*The SSLO Orchestrator articles in DevCentral are available in the Community Group “BIG-IP Next Academy”. You must have a DevCentral account and request access to this group in order to view these articles. Click HERE to get started.

Next Access details

New Functionality/Features

Access as Code

An API-first, fully declarative configuration environment, through F5 AS3, Ansible, Terraform, and other options.

Simplified policy management

Simple policy creation and management regardless of policy complexity for both basic and advanced use cases via Visual Policy Designer (VPD) or API.

Centralized management

Holistic approach to management through Next CM with global session support and shared pool of licenses.

Container-native architecture

Divided into container-based software modules, BIG-IP Next accelerates application delivery with app services that can be deployed and managed wherever they’re needed. These services are supported by programmatic interfaces that are declarative and backward compatible. Its architecture enables quicker setup as well as more frequent and simpler upgrading and updating. It streamlines security management, eases purchasing and managing licenses, and robustly protects any app, anywhere.

Supported features:

  • SAML as Service Provider
  • OAuth Client
  • OAuth Resource Server
  • Multiple SSOs Types (Kerberos, HTTP Basic, OAuth Bearer, Forms and Client-initiated Forms)
  • Per-Session HTTP Connector
  • AD, LDAP, Client Cert Authentication, CRLDP Authentication
  • Resources: Webtops, Webtop Sections, Network Access, ACLs
  • VPN – Full & Split Tunnel (IPv4)
  • VPN – Client Installer Customization
  • VPN – CCU Utilization Dashboard

Coming Soon (June/July)

Supported features:

  • Access policy versioning
  • JSON formatted logging
  • Global Session support
  • DHCP server support for VPN

Resources

*The Next Access articles in DevCentral are available in the Community Group “BIG-IP Next Academy”. You must have a DevCentral account and request access to this group in order to view these articles. Click HERE to get started.

Updated May 14, 2024
Version 3.0
big-ip next
BIG-IP Next Access
security
SSL Orchestrator

Was this article helpful?

No CommentsBe the first to comment