You use BIG-IQ Device to centrally manage resources located on BIG-IP devices in your local network, in a public cloud like Amazon EC2, or in a combination of both.
The first step to managing devices is making BIG-IQ Device aware of them through the discovery process. To discover a device, you provide BIG-IQ Device the device IP address, user name, and password.
After you discover devices, you can view details about those devices for easy asset management.
You can perform this task only after you have licensed and installed the BIG-IQ system and at least one BIG-IP device running version 11.3 or later.
This task runs a script. For this script to run properly, you must first open specific ports on your EC2 AMI BIG-IQ instance and on any associated EC2 BIG-IP instances. To open these ports, you need additional security group rules in your allow-only-ssh-https-ping security group, and you need to associate these rules with the management interface.
You need to create three rules: two outbound rules for the BIG-IQ instance, and one inbound rule for the BIG-IP instance.
|Group Name||Group Description||Rule Name||Source||Port|
|allow-only-ssh-https-ping||Allow only SSH, HTTPS, or PING||Outbound SSH||0.0.0.0/0||22 (SSH)|
|Outbound HTTPS||443 0.0.0.0/0||443 (HTTPS)|
|Inbound HTTPS||0.0.0.0/0||443 (HTTPS)|
After you license and perform the initial configuration for the BIG-IQ system, you can discover BIG-IP devices running version 11.3 or later. For proper communication, you must configure each F5 device you want to manage with a route to the BIG-IQ system. If you do not specify the required network communication route between the devices, device discovery will fail.
You can view detailed data about the managed devices in your network. Information includes associated IP addresses, platform type, license details, software version, and so forth. In addition to viewing this information, you can also export it to a CSV file and edit the data as required to create reports for asset management.