Manual Chapter : F5 iWorkflow Introduction

Applies To:

Show Versions Show Versions

F5 iWorkflow

  • 2.3.0
Manual Chapter

About incorporating iWorkflow securely into your network

To successfully manage devices in your network, including F5® iWorkflow™ peer systems, the iWorkflow system requires communication over HTTPS port 443. The iWorkflow administrator can provide fine-grained access to various roles, which are verified by authorization checks (AuthN and AuthZ). Authenticated users have access only to the resources explicitly granted by the iWorkflow administrator. Additional security is provided through bidirectional trust and verification through key and certificate exchange and additional support for LDAP and RADIUS authentication.

Open ports required for device management

The F5® iWorkflow™ system requires bilateral (outbound and inbound) communication with other iWorkflow devices, and unilateral (outbound only) communication with BIG-IP® devices in your network in order to successfully manage them. For this communication, the following ports are open by default to allow for the required two-way communication.

Open Port Purpose
TCP 443 (HTTPS) Discover, monitor, and configure managed devices. Replicate and synchronize iWorkflow systems.
TCP 22 (SSH) Administer iWorkflow, REST API updates on remote systems.

Overview: iWorkflow system

The F5 ®iWorkflow™ system streamlines deployment of application delivery services policy. Because it is based on the same platform as BIG-IP® devices, it includes full product support, security patches, and internal and external security audits (AuthN and AuthZ checks).

iWorkflow enables organizations to accelerate the deployment of applications and services while reducing exposure to operational risk. Available only as a virtual appliance, iWorkflow is a multi-tenant platform for deploying application delivery policies onto BIG-IP devices. Presented using services catalogues, iWorkflow tenants deploy highly-configurable, administrator-defined application services templates. Using these service templates (called F5 iApps®), you avoid operational delay, risk, and complexity while simplifying application delivery management.

When integrated with Cisco APIC, iWorkflow provides the ability to insert services into the APIC network. APIC administrators can create new device packages that expose APIC function profiles that are based on F5 iApps. With iApps, you can make changes to Cisco APIC and BIG-IP device interaction without waiting for a new software release from F5.

Additional resources and documentation for iWorkflow systems

You can access all of the following iWorkflow™ system documentation from the AskF5™ Knowledge Base located at http://support.f5.com/.

Document Description
iWorkflow™ Systems Virtual Editions Setup guides iWorkflow™ Virtual Edition (VE) runs as a guest in a virtual environment using supported hypervisors. Each of these guides is specific to one of the hypervisor environments supported for the iWorkflow system.
Release notes Release notes contain information about the current software release, including a list of associated documentation, a summary of new features, enhancements, fixes, known issues, and available workarounds.
Solutions and Tech Notes Solutions are responses and resolutions to known issues. Tech Notes provide additional configuration instructions and how-to information.