Migrating to Progress Kemp LoadMaster from F5 or NetScaler: A Practical Guide

If you are running F5 or NetScaler load balancers and feeling the squeeze from end-of-life deadlines, licensing changes or rising costs, you're not alone. In a live demonstration, Progress product experts broke down why many organizations are moving to the Progress Kemp LoadMaster solution and how migration works.

They walked through a proven four-phase approach (discovery, parallel deployment, cut over and validation), shared lessons from real customer migrations and demoed the LoadMaster interface to show how quickly you can spin up a virtual service, manage certificates and configure content rules. 

Whether you're weighing the F5 I-series end-of-support deadline in January 2027 or rethinking your NetScaler spend after their licensing changes, the webinar provides a view of what an alternative looks like.

Watch the Full Webinar Recording

If you want to get the information Kurt and Mike covered directly from the webinar recording, then use the link below.

Migrate from F5 and NetScaler: Real World Strategies and Customer Wins

For a summary of what they discussed, read on.

Why Organizations Are Moving Away from F5 and NetScaler

The demonstration began with an outline of the market forces driving organizations to reconsider their load balancing vendors. The primary catalyst on the F5 side is the end-of-support deadline for the I-series appliances on January 1st, 2027. Many I-series appliances still operate in production environments and F5 customers now face a decision: move to the R-series or consider alternatives. Either path requires migration, since moving to the R-series isn't a simple operation, even with the tools F5 provides.

On the NetScaler side, the recent end of perpetual licensing and the file-based licensing deadline have forced customers onto consumption models they didn't choose. 

Beyond licensing, Kurt highlighted operational complexity as a recurring theme. F5 and NetScaler environments often depend on one or two specialists who understand iRules and configuration nuances, creating real organizational risk if these experts leave. We hear frequently that organizations want more IT team members capable of managing load balancers, not just a few specialists.

Cost rounds out the trio of motivators driving migration from F5 and NetScaler. F5 offers genuinely unique features, but most customers use only a small fraction of them while paying for the full feature set. The new NetScaler license options do not meet every organization's needs. 

The LoadMaster load balancer is a simpler, more flexible alternative with a lower total cost of ownership, without sacrificing the functionality and security required in today's application and threat landscape.

Where LoadMaster Fits

The LoadMaster solution runs wherever your applications run. On-premises hardware appliances start at 1 Gbps and scale up to 100 Gbps, with higher-throughput models on the roadmap. Virtual deployments support all major hypervisors and offer full feature parity with the hardware models. Public cloud customers can deploy directly from the AWS and Azure marketplaces, and guidance is available for deploying to Google Cloud via virtual machines.

LoadMaster 360 provides a unified view of your entire fleet, including license and backup management, enhanced WAF capabilities, application delivery observability and more.

Licensing remains flexible across all form factors. Perpetual licensing is still available for hardware, virtual and cloud deployments. Subscription options cover single- and multi-year terms. A pooled licensing model, managed through LoadMaster 360, lets teams spin up new LoadMaster instances within the available bandwidth pool without going through procurement each time. Bandwidth can also shift between LoadMaster instances as application needs change.

Capabilities come in three tiers. Standard includes core load balancing, TLS/SSL termination, rate limiting and ACLs. Enterprise adds pre-authentication, single sign-on, Kubernetes ingress, zero-trust capabilities and network performance monitoring. Enterprise Plus includes global server load balancing (equivalent to F5's GTM) and the WAF for backend workload protection. Our expert team can help you pick the tier that best suits your needs.

A Four-Phase Migration Approach

The presenters then discussed a four-phase approach to migrating from F5 or NetScaler to the LoadMaster solution. 

Mike walked through the migration process that Progress uses with customers. It starts with a discovery and assessment call, during which the team reviews your existing environment (whether that's NetScaler, F5, Brocade or another vendor) and confirms that everything translates one-to-one to the LoadMaster solution. Mike outlined that this direct mapping works 99% of the time without needing drastic architectural changes.

Next comes a free 30-day trial, which includes full features and support. Customers can deploy as many trial instances as needed to validate the design before committing to a license and support package purchase.

The third phase is parallel deployment with professional services support. Both load balancer deployments run simultaneously, with the LoadMaster solution configured on new IPs that don't conflict with the existing setup. This allows the team to test thoroughly before any traffic shifts. Cutover can occur by changing IPs on the LoadMaster solution while isolating the old appliance, or by changing DNS records. After-hours cutovers can occur within the professional services engagement at no extra cost.

The final phase is validation. The team monitors traffic for a couple of weeks, and only after confirming stable operation does it decommission the old load balancer. If something gets missed during cutover (which Mike noted is rare), rollback takes minutes because the original environment remains intact.

Throughout the engagement, customer IT teams (or their MSPs) work alongside the Progress team rather than handing the project off to them. The configuration work often gets recorded, so the customer team learns the LoadMaster platform during the migration rather than afterward. Provided training covers administration, integration, monitoring (e.g., syslog and SNMP) and automation using PowerShell and the REST API.

A Real Migration Example and Demo

Mike discussed an example of a larger engagement he was involved in. A migration that comprised over 100 virtual servers. After a kickoff meeting and pre-check, the full migration (config creation, training and cutover) took about six weeks, with a single successful cutover and no rollback. He also referenced a multi-site law firm migration with around 300 virtual servers across four sites, which took longer but followed the same playbook.

Mike gave a live demo showing how quickly someone can spin up a virtual service on the LoadMaster platform. While F5 and NetScaler often require separate steps for VIPs, server pools, health checks and TLS/SSL profiles, the LoadMaster solution handles everything on a single screen. He created a VIP, added a real server, watched the built-in HTTP health check pass and had a working load-balanced website in under a minute.

He also walked through the broader configuration options: persistence and scheduling methods, quality of service, TLS/SSL offloading and re-encryption, content switching, the WAF (which some customers buy a LoadMaster solution for even without load balancing) and Edge Security Pack (ESP) for adding authentication services for applications that lack it natively.

Mike covered certificate management to demonstrate how straightforward it is. The LoadMaster solution natively supports PFX and PEM imports and certificates can be assigned directly to virtual services without separate TLS/SSL profile mapping. The LoadMaster solution also supports ACME-based certificate renewals with Let's Encrypt and DigiCert, which is increasingly important as certificate lifespans shrink toward the planned 47-day window by 2029.

Content rules use regex rather than the programming-language style of F5 iRules and NetScaler policies. Mike acknowledged that this could complicate the migration of complex content-switching logic, which is one reason professional services involvement helps with larger migrations. The cipher set configuration is fully customizable: built-in sets like FIPS work out of the box, but security teams can clone and modify any set to meet specific compliance requirements.

Final Thoughts

Migration to the LoadMaster solution from F5 or NetScaler could be as simple as migrating to different F5 products, or adapting to the new licensing model NetScaler has imposed (and also switched to for Citrix).

We encourage you to watch the webinar recording to hear Kurt and Mike's in-depth overview of this topic and to see the demo. Find out more about the LoadMaster solution on our product pages.