Application ready templates were introduced in BIG-IP v10 and the goal was to provide a wizard for the often deployed applications like Exchange, SharePoint, Citrix, Oracle, VMware and so forth. This allowed the abstraction some of the configuration details and reduced the human error when following the pages of the thick deployment guides for those applications. Application templates were great but there was no way to customize the template either during the deployment or adjust it after.
Then came iApps®.
Introduced in TMOS v11, iApps is the current BIG-IP system framework for deploying services-based, template-driven configurations on BIG-IP systems. iApps bundles all of the configuration options for a particular application together.
Roughly a third of F5 customers use iApps and they are especially popular for more complex configurations, like Microsoft Exchange, for example, which requires up to 1200 mouse clicks to configure manually and only 50 mouse clicks to configure with the iApp. iApps are also often used to roll out similar configurations to multiple BIG-IP's. Some customers run hundreds of iApps, some run none--the choice is yours.
Here is one example of iApp customization and its evolution. When we released SAML support in v11.3, many customers wanted to use BIG-IP APM as a SAML Identity Provider (IdP) for Office365 but there are a few steps to configure that in BIG-IP. Configure Active Directory, then SAML, then the access policy and so forth. One of our very smart Security Architects, Michael Koyfman, wanted to make that task simple, repeatable and accurate.
He decided to write an O365 iApp and posted it to DevCentral where there was immediate interest from the community. From that, Product Development engineers rewrote it to follow their libraries and best practices and then moved to the supported status. You can now use this F5 supported iApp template to configure the BIG-IP system as a SAML IdP to Microsoft Office 365 applications, such as Exchange and SharePoint. This template configures the BIG-IP APM system as an IdP for Office 365 to perform single sign-on (SSO) between the local Active Directory user accounts and Office 365-based resources such as Microsoft Outlook Web App and Microsoft SharePoint.
But we didn’t stop there.
Since it is the same framework and easily extensible to add more services to an iApp, they took it a step further. With the O365 iApp as the basis, the team then built a SaaS Federation iApp which allows you to configure BIG-IP APM as SAML IdP to 11 commonly used SaaS applications including Salesforce, Concur, WebEx, O365 and others. Now, with a single iApp, you can federate your employees to many SaaS applications easily, efficiently and securely. This iApp also went through a beta period on DevCentral and was recently released as a F5 supported iApp.
UI configurations for the SaaS iApp
Summary of configurations for the SaaS iApp