6 Reasons You Need to Replace Your F5 Load Balancer

Posted on

There are many options available to IT teams when it comes to choosing load balancers for their organizations. Indeed, it can often be hard to determine which vendor and product set meets the needs and provides the best ROI. In situations like this, people will often choose based on the current market share and visibility of a vendor in the marketplace. At present, for many organizations, the default choice is to buy from F5. 

This is the latest in a long line of IT industry maxims of the form “Nobody ever got fired for buying …” with that ellipse replaced with IBM, Cisco, and Microsoft over the last few decades. In the load balancer marketplace, F5 is often the replacement in that sentence. Due to their market visibility and inertia rather than best fit and ROI. Please don’t take me wrong in this article. I’m not saying that F5 is a poor solution. I am saying that it may not be the best solution for every project, and organizations can get a better solution to meet their needs with much lower Capex and Opex costs. You may not get fired for buying F5, but you’ll definitely not get fired for saving your organization a significant amount of money while delivering a technical solution that’s easier to deploy and manage than F5. Kemp LoadMaster load balancers provide these benefits. In the sections below, we list six reasons why Kemp LoadMaster may be a better choice than F5. 

Before we do that, I want to take this opportunity to remind you about the Kemp Webinars on BrightTALK. We have a comprehensive library of presentations and discussions on the Kemp BrightTALK Channel covering various levels from load balancer beginners to advanced topics. I would recommend that you carve out an hour, grab a beverage, and listen to the BrightTALK on-demand video on this topic to get the complete picture of why you would choose LoadMaster. I recap the headlines and provide a brief description of all the reasons here. The video has a deep dive into how F5 load balancers work and what this means when choosing what to use.

Reason 1: Complexity

The F5 load balancer solution has a lot of complexity in its design. As we outline in the BrightTALK video, there are many interacting layers in the product, and each has a specific function. In many cases, only some of the available functions get used. The F5 license you buy will enable those and leave the other unused functions disabled. But the problem is that this unused code expands the attack surface for cybercriminals and needs to be updated when system updates are available, even when you are not using the functionality. 

The management interfaces are also made more complex by having these layers of functionality that you may not use. They are still present in the UI, and any training offered for F5 will include how to configure and manage everything. Often overkill if you simply want to load balance some application servers. Many F5 customers tell us that managing an F5 based infrastructure is a full-time role for someone in their IT team.

Reason 2: Hardware & Software Inconsistency

The F5 hardware appliance uses custom chipsets to deliver dedicated functionality. This is a good approach when designing and making hardware devices that organizations put into private data centers. 

But the world has moved on rapidly in the last few years, and deployment models today are predominately based on virtualization, the Cloud, and some on-premise hardware in hybrid deployment models. Software written to take advantage of custom silicon in hardware appliances needs rewriting to provide the same functionality when that custom hardware is absent. This means that the code base between F5 hardware devices and the software or Cloud versions will be different. This opens up the possibility of security issues in one type of deployment but not in others. And more complexity and management overheads get introduced.

Kemp LoadMaster uses the same code base across all deployment platforms: hardware devices, virtual machines, and the Cloud. The LoadMaster hardware devices use industry-standard silicon and components, and for that reason, there is no custom code to control dedicated chipsets. Deploying, configuring, and managing a LoadMaster based infrastructure is independent of the deployment method. So you can pick the best approach for every application that is to be load balanced.

Reason 3: F5 iRules Require Advanced Programming Skills

F5 uses iRules to allow you to do anything you want via programming. I know someone who used iRules programming to turn an F5 load balancer into a DHCP server just because they could! While this is cool, it masks a more serious point. If you ask F5 how to do something, and it isn’t built-in or has an iRule from someone you trust, they will say use the iRules language to add the functionality you need. The problem with this is that you need to be a competent developer to create iRules. Even if your organization has programmers on staff, do you really want them to spend time creating iRule scripts to add features to network equipment? I suspect not. 

Even if you do take on the task of creating iRules as required, that means you have to manage them forever. Using the typical programming paradigms like version control and ideally code reviews by experienced iRules experts to see if you are introducing any security vulnerabilities in the code.

If you decide to move to LoadMaster (maybe when you next refresh your IT), then Kemp consulting can help you migrate any iRules based functionality to LoadMaster if not already in the product.

Reason 4: F5 is Expensive

This is a simple fact – F5 is expensive. Certainly a lot more costly than an equivalent LoadMaster. The table below shows a typical comparison.

ModelKemp LM-X15F5 i2800
Throughput (Gbps)1510
SSL TPS12,0004,300
Concurrent connections35 M14 M
Estimated list price$9,800$27,900

As you can see, there is a significant difference. LoadMaster typically delivers a 50% increase in performance alongside a 35% decrease in costs. You can see much more detailed information and comparisons between Kemp Loadmaster, F5, and Citrix load balancers on our comparison page.

Reason 5: All I Want is a Load Balancer

When we interact and consult with organizations looking to make their applications available and performant, we find that about 90% of all projects just need good load balancing functionality that is fast, secure, and easy to manage. All other layers of additional functionality included in F5 deployments are just adding complexity (as we mentioned above).

Sure, there will be edge cases (pun intended) where deployments will need this extra functionality, but it’s better to decide to add it in an informed way rather than just have it come along for the ride when all you want is a solid load balancing infrastructure. 

Reason 6: Lack of True Network Telemetry

Load balancers play a crucial role in the network chain from users to applications servers. They mediate all connections and sessions between the endpoints and the apps. They can gather and monitor network flow telemetry to optimize network use and troubleshoot any issues or security alerts. NetFlow is quickly becoming the first choice when monitoring network traffic. This is because NetFlow captures the information needed to answer almost all questions about network use but only needs a tiny fraction of the computing power and storage requirements associated with full packet capture network monitoring. 

F5 load balancers do not support NetFlow. LoadMaster is fully integrated with NetFlow capture and is a data source for the industry-leading Kemp Flowmon network detection and response solutions.

Bonus Reason 7: Support & Customer Satisfaction

Seven is the new six. I decided to include this in the BrightTALK webinar after setting the title as I think it is an important differentiator between Kemp, F5, and other load balancer vendors.

The customer reviews for Kemp and LoadMaster products and support eclipse those of other load balancer vendors. This is true across multiple third-party industry review sites. For an example, see the Gartner Peer Insights ADC page. At the time of writing (mid-July 2021), Kemp has a 5-star rating from 308 reviews. It is beating F5, who are on 4.5 stars from 194 reviews. 

This is a reflection of the core LoadMaster products and the industry-leading Kemp support organization. Our support teams operate a single-tier structure. Every issue logged is assigned to a product expert who has the deep knowledge needed to diagnose and resolve any problems. There is no concept of tiered support with cases being passed from level 1 to level 2 and then on to level 3 support teams. The contact you get at the start will be the contact who resolves your issue. 

Conclusion

It’ll not come as a surprise to anyone that we think that LoadMaster is the best choice for most organizations that need load balancers. We do recognize that there are some situations were deploying F5 will make more sense. But we don’t think it should be your default choice due to inertia or lock-in. If you are looking for some new load balancers, then take a look at LoadMaster. If you have F5 infrastructure in place, when it comes time to refresh, look at what LoadMaster can do to reduce your refresh costs and ongoing management overhead.  

See the Kemp website for more details, and contact us to talk about any topic related to LoadMaster, including extended trials and hardware device trials if required.

Posted on

Kemp Technologies

Kemp Technologies