Applies To:

Show Versions Show Versions

Release Note: BIG-IQ Centralized Management 6.0.1 :: New Features and Installation
Release Note

Original Publication Date: 09/11/2018

Summary:

This release note documents version 6.0.1 of BIG-IQ Centralized Management.

Contents:

- New features
- Screen resolution requirement
- Browser support
- BIG-IP compatibility
- User documentation for this release
- Fixes, behavior changes, and known issues
- Contacting F5 Networks
- Legal notices

New features

Support IP pools for management addresses VMware service scaling groups

You can now configure VMware service scaling groups to use statically defined management IP addresses.

Application template switching

Previously you had to synchronize any changes you made to application templates. Now, you can clone and modify a template then switch to it when you want to use it.

Access policies

You can now attach Access policies to templates.

Upgrade support for BIG-IQ Centralized Management system versions policies

You can now upgrade BIG-IQ Centralized Management: Upgrading Version 5.2, 5.3, 5.4, or 6.0 to 6.0.1, with or without DCD clusters.

Intuitive visibility for all managed applications

BIG-IQ now provides an overview of all managed applications with the option for a more detailed view of each application. Both the overview and detailed views provide information about the application's performance and BIG-IP host environment. For applications managed by BIG-IP versions 13.1.0.5 or later, you can also view HTTP traffic details, Web Application Security status, and network statistics.

Easy application troubleshooting based on application traffic and security data

For applications managed by BIG-IP versions 13.1.0.5 or later, you can now enable enhanced analytics to view detailed application data in real-time, which allows you to isolate traffic characteristics that are affecting your application's performance and security status.

Real-time notifications for monitored devices and applications

You can now receive real time events for BIG-IP devices and their connected applications, applications. These notifications are integrated into the BIG-IQ UI charts and allow you to pinpoint activities that are currently affecting your application.

Enhanced HTTP and Web Application Security visibility for all applications

You can use the HTTP and Web Application Security Dashboards to monitor all applications managed by BIG-IQ Centralized Management. These dashboards allow you to compare applications, pool members, and other aspects of traffic to your applications. In addition, the enhanced view includes real time events and alerts within the charts, and enhanced analytics data.

Added object and management support for DNS features

Creating, reading, updating, and deleting DNS GSLB objects, and listeners is now supported from the BIG-IQ user interface and the API.

Visibility into managed service scaling groups

An automatically scalable environment of BIG-IP VE devices can be defined to provide services to a set of applications. System administrators of BIG-IQ Centralized Management can monitor performance data for these BIG-IP VE devices. These including status notifications for virtual servers, pools and pool members. These notifications are integrated into the BIG-IQ UI charts and allow you to pinpoint activities that are currently affecting your application.

Enhanced HTTP and Web Application Security visibility for applications

For applications managed by BIG-IP versions 13.1.0.5 or later, you can use the HTTP and Web Application Security Dashboards to monitor all applications managed by BIG-IQ Centralized Management. These dashboards allow you to compare applications, pool members, and other aspects of traffic to your applications. In addition, the enhanced view includes real time events and alerts within the charts, and enhanced analytics data.

Added application visibility to pool and pool member data

You can now view application dimension data for the Pool & Pool Member dashboard.

Added object and management support for DNS features

Creating, reading, updating, and deleting DNS GSLB objects, and listeners is now supported from the BIG-IQ user interface and the API.

Visibility into managed service scaling groups

An automatically scalable environment of BIG-IP VE devices can be defined to provide services to a set of applications. System administrators of BIG-IQ Centralized Management can monitor performance data for these BIG-IP VE These including status notifications for virtual servers, pools and pool members. These notifications are integrated into the BIG-IQ UI charts and allow you to pinpoint activities that are currently affecting your application.

Enhanced DNS visibility and configuration

BIG-IQ provides the ability to configure and have an enhanced view into DNS traffic, which now includes both peak traffic values and average traffic values over a selected period of time.

Application templates

Enhanced application/service templates that make deployments simple and repeatable.

Security policies and profiles available in applications

You can now add security policies and profiles to applications, including Web Application Security policies, Network Security firewall policies, DoS profiles, and logging profiles.

Automatically deploy policy learning

You can now enable automatic deployment of policy learning using Web Application Security.

Extended ASM/advanced WAF management that includes

  • Auto-deploy policy learning
  • Brute-force attack event monitoring
  • Event correlation
  • Manage DataSafe profiles
  • Initial ASM and HTTP monitoring dashboards

Enhanced AFM Management

  • AFM and DoS event visualization
  • Multi device packet tester
  • Enhanced debugging

APM enhancements

  • Management capabilities for APM Federation through BIG-IQ (SAML IdP and SP)
  • Management capabilities for APM SSO configuration for Web Proxy Authentication Support Through BIG-IQ

Manage cookie protection

You can now manage cookie protection for BIG-IP devices using Web Application Security.

Monitoring dashboard for Web Application Security statistics

You can review Web Application Security policy statistics using a graphical dashboard.

Manage DataSafe profiles

You can now manage DataSafe profiles using Fraud Protection Security.

Enhanced support for NAT firewalls

You can now use the enhanced NAT firewall support in Network Security.

Subscriber support in firewall rules

You can now add subscriber IDs and groups to firewall rules in Network Security for BIG-IP devices that support them.

Firewall testing using packet flow reports

You can now create and view packet flow reports to test firewall configurations in Network Security.

Support for multiple BIG-IP devices with packet tester reports

You can now select multiple BIG-IP devices when generating packet tester reports in Network Security.

Renaming of firewall objects supported

You can now rename firewall objects, such as firewall policies in Network Security.

Enhanced support for DoS profiles, device DoS configurations, and scrubber profiles

You can now manage additional features of DoS profiles, device DoS configurations, and scrubber profiles that are found in BIG-IP version 13.1, such as new vectors, stress-based mitigation, DNS dynamic signatures, and VLAN support in scrubber profiles.

Copying device DoS configurations

You can now copy device DoS configurations from one BIG-IP device to multiple BIG-IP devices with the same version.

Viewing logs for DoS and firewall events in the user interface

You can now configure and view logging of DoS and firewall events, and for DoS events, see that information in a graphical format.

Enhanced DNS visibility and configuration

BIG-IQ provides the ability to configure and have an enhanced view into DNS traffic, which now includes both peak traffic values and average traffic values over a selected period of time.

Application templates

Enhanced application/service templates that make deployments simple and repeatable.

Security policies and profiles available in applications

You can now add security policies and profiles to applications, including Web Application Security policies, Network Security firewall policies, DoS profiles, and logging profiles.

Automatically deploy policy learning

You can now enable automatic deployment of policy learning using Web Application Security.

Extended ASM/advanced WAF management that includes

  • Auto-deploy policy learning
  • Brute-force attack event monitoring
  • Event correlation
  • Manage DataSafe profiles
  • Initial ASM and HTTP monitoring dashboards

Enhanced AFM Management

  • AFM and DoS event visualization
  • Multi device packet tester
  • Enhanced debugging

APM enhancements

  • Management capabilities for APM Federation through BIG-IQ (SAML IdP and SP)
  • Management capabilities for APM SSO configuration for Web Proxy Authentication Support Through BIG-IQ

Manage cookie protection

You can now manage cookie protection for BIG-IP devices using Web Application Security.

Monitoring dashboard for Web Application Security statistics

You can review Web Application Security policy statistics using a graphical dashboard.

Manage DataSafe profiles

You can now manage DataSafe profiles using Fraud Protection Security.

Enhanced support for NAT firewalls

You can now use the enhanced NAT firewall support in Network Security.

Subscriber support in firewall rules

You can now add subscriber IDs and groups to firewall rules in Network Security for BIG-IP devices that support them.

Firewall testing using packet flow reports

You can now create and view packet flow reports to test firewall configurations in Network Security.

Support for multiple BIG-IP devices with packet tester reports

You can now select multiple BIG-IP devices when generating packet tester reports in Network Security.

Renaming of firewall objects supported

You can now rename firewall objects, such as firewall policies in Network Security.

Enhanced support for DoS profiles, device DoS configurations, and scrubber profiles

You can now manage additional features of DoS profiles, device DoS configurations, and scrubber profiles that are found in BIG-IP version 13.1, such as new vectors, stress-based mitigation, DNS dynamic signatures, and VLAN support in scrubber profiles.

Copying device DoS configurations

You can now copy device DoS configurations from one BIG-IP device to multiple BIG-IP devices with the same version.

Viewing logs for DoS and firewall events in the user interface

You can now configure and view logging of DoS and firewall events, and for DoS events, see that information in a graphical format.

Screen resolution requirement

To properly display, the BIG-IQ system requires that your screen resolution is set to 1280x1024 or higher.

If you’re a Windows user, do not increase (zoom) the screen size more than 100%, because it can limit what you can view on the screen.

Browser support

BIG-IQ version 6.0.1 supports the following browsers and versions:

  • Microsoft Internet Explorer version 11.x
  • Microsoft Edge
  • Mozilla Firefox version 59.x and 60.x
  • Google Chrome version 65.x and 66.x

Known Issue ID Number 722458: Chrome 67 is unsupported for BIG-IQ version 6.0.1. Chrome 67 will crash if you use it to try to view or modify an Application Services configuration (such as adding a pool or virtual server) or view or modify an Access Policy configuration. To work around this issue, use a supported browser: Chrome versions 65.x or 66.x, Firefox 59.x or 60.x, Microsoft Edge, or Microsoft Internet Explorer 11.x.

BIG-IP compatibility

K34133507: BIG-IQ Centralized Management compatibility matrix provides a summary of version compatibility for specific features between the BIG-IQ system and BIG-IP releases.

User documentation for this release

Software documentation
For access to the user documentation for this software release, go to the BIG-IQ Centralized Management Knowledge Center and select version 6.0.1.

For updated information about troubleshooting specific use cases, go to: https://github.com/F5Networks/f5-aws-cloudformation/tree/master/supported/solutions/autoscale.

Platform documentation
For Virtual Edition or Cloud setup documentation organized by VE or Cloud type, refer to the Cloud Knowledge Center on AskF5 to select an option.
For hardware platform documentation, visit the Hardware Knowledge Centers page on AskF5 to select the appropriate BIG-IQ hardware documentation.
Title Use to:
   
F5 BIG-IQ Centralized Management: Which Systems Setups Support an Upgrade to version 6.0.1 Select the relevant upgrade process based on the version and configuration (with or without DCD devices).
F5 BIG-IQ Centralized Management: Upgrading Version to 5.2, 5.3, 5.4, or 6.0 to Version 6.0.1 Upgrade a BIG-IQ system running version 5.2, 5.3, 5.4, or 6.0 to version 6.0.1.
F5 BIG-IQ Centralized Management: Upgrading Version 5.2 or 5.3 with a DCD Cluster to Version 6.0.1 Upgrade version 5.2 or 5.3 a DCD and BIG-IQ Cluster to Version 6.0.1.
F5 BIG-IQ Centralized Management: Upgrading Version 5.4 or 6.0.0 with a DCD Cluster to Version 6.0.1  
F5 BIG-IQ Centralized Management: Upgrading Version 6.0.0 with a DCD Cluster to Version 6.0.1 with Minimal Downtime  
Planning and Implementing an F5 BIG-IQ Centralized Management Deployment Plan deployment, license, and set up the BIG-IQ system in your network.
F5 BIG-IQ Centralized Management: Core Concepts Find out more about the concepts about the core functionality included with BIG-IQ Centralized Management.
F5 BIG-IQ Centralized Management DCD Sizing Guide Determine the resources that are required to handle the data generated by the BIG-IP® devices you manage. Requirements vary according to the type and amount of data you generate.
F5 BIG-IQ Centralized Management: Authentication, Roles, and User Management
  • Configure authentication through a 3rd-party provider (LDAP, RADIUS or TACAS+) .
  • Use built-in and custom roles to manage user access.
F5 BIG-IQ Centralized Management: Monitoring and Reports
  • Set up health monitoring and alerts and statistics collections
  • Manage audit logs, run reports, and analyze statistics.
  • Troubleshoot Access reports.
F5 BIG-IQ Centralized Management: Device
  • Discover BIG-IP devices and import F5 services.
  • Deploy software images, licenses, SSL certificates, backup files, and configurations.
BIG-IQ Centralized Management: DNS Administration  
F5 BIG-IQ Local Traffic & Network Implementations Manage:
  • Local Traffic profiles
  • Virtual servers
  • Network objects
  • iRules
  • Applications and application templates
As well as configuring an IPsec tunnel and event viewing.
F5 BIG-IQ Centralized Management: Security Manage:
  • Object pinning
  • Firewall contexts
  • Address and port lists
  • Rules, rule lists, policies, and rule reports
  • Service, timer, and port misuse policies
  • NAT policies and translations
  • FQDN resolvers
  • Change verifications
  • External logging devices
  • Shared security for virtual servers, DoS profiles, device DoS configurations, network whitelists, logging profiles, and SSH profiles
  • Bot signatures and bot signature categories
  • IP intelligence settings
  • External redirection settings
  • Application Securities Policies
  • Signature files, custom attack signatures and sets
  • Web Application Security event logs
F5 BIG-IQ Centralized Management: Access
  • Configure an Access group, HA pair, and cluster.
  • Manage access groups.
  • View and edit access configurations.
  • Configure authentication for Active Directory, SecuID, HTTP, Oracle Access Manager, OCSP responder, CRLDP, and Kerberos.
  • Manage audit logs
F5 BIG-IQ Centralized Management: Fraud Protection Service Set up, manage, and monitor alerts for fraud protection.
F5 BIG-IQ Centralized Management Use Case: Provide Role-Based User Access to an Application Give role-based user access to a SharePoint application.
F5 BIG-IQ Centralized Management: Auto-Scale in a VMware Cloud Start auto-scaling BIG-IP VE devices in a VMware cloud to manage applications.
F5 BIG-IQ Centralized Management: Auto-Scale in a AWS Cloud Start auto-scaling BIG-IP VE devices in an AWS cloud to manage applications.
BIG-IQ Centralized Management: Monitoring and Managing Application Services Monitor the health and statistics for your application services.​

Fixes, behavior changes, and known issues

This release note contains known issues found only in this release. It does not contain any known issues found in previous releases that are not yet fixed.

Fixes included in this release are for known issues found in previous releases.

For a comprehensive list of fixes, behavior changes, and known issues, see:

For information about fixes and known issues for past releases, refer to the version-specific release notes.

Contacting F5 Networks

Phone - North America: 1-888-882-7535 or (206) 272-6500
Phone - Outside North America, Universal Toll-Free: +800 11 ASK 4 F5 or (800 11275 435)
Fax: See Regional Support for your area.
Web: https://support.f5.com/csp/home
Email: support@f5.com

For additional information, please visit http://www.f5.com.

Additional resources

You can find additional support resources and technical documentation through a variety of sources.

F5 Networks Technical Support

Free self-service tools give you 24x7 access to a wealth of knowledge and technical support. Whether it is providing quick answers to questions, training your staff, or handling entire implementations from design to deployment, F5 services teams are ready to ensure that you get the most from your F5 technology.

AskF5

AskF5 is your storehouse for thousands of knowledgebase articles that help you manage your F5 products more effectively. Whether you want to browse periodically to research a solution, or you need the most recent news about your F5 products, AskF5 is your source.

F5 DevCentral

The F5 DevCentral community helps you get more from F5 products and technologies. You can connect with user groups, learn about the latest F5 tools, and discuss F5 products and technology.

AskF5 Publication Preference Center

To subscribe, click AskF5 Publication Preference Center, enter your email address, select the publications you want, and click the Submit button. You will receive a confirmation email. You can unsubscribe at any time by clicking the Unsubscribe link at the bottom of the email, or on the AskF5 Publication Preference Center screen.

  • TechNews Weekly eNewsletters: Up-to-date information about product and hotfix releases, new and updated articles, and new feature notices.
  • TechNews Notifications: Periodic plain text TechNews, sent any time F5 releases a product or hotfix. (This information is always included in the next weekly HTML TechNews email.)
  • Security Alerts: Timely security updates and ASM attack signature updates from F5.

Legal notices

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.

Additional Comments (optional)