jimmy
Professional
Hello,
I've been working with the MSM module for the F5 (BIGIP) load balancers for several months now. I'd like to share my impressions of the product along with some handy tips that will hopefully save you some time. Sadly, documentation for this product is somewhat lacking and I've worked with a few experts at F5 networks to sort out the implementation.
Please review the product data sheet available here. Some of the concepts of the MSM might take a bit to get your head around if you have not worked with the F5 load balancers previously.
The MSM module is designed for high volume email providers. It is intended to augment existing email scrubbing resources. (spamassassin,rbls, etc). It works by monitoring inbound SMTP connections. The sending mail server IP is compared against the TrustedSource IP reputation database powered by Secure Computing. The module does a DNS query against the TrustedSource systems and the score returned is used to determine the fate of the SMTP connection. The message can be dropped,forwarded on to additional email scanning resources, or delivered. As this happens at the network level, significant server resources can be saved. As this product generates a significant amount of DNS traffic, a DNS server dedicated to these scoring queries may be required depending on email volume.
The MSM is powered by the IRULE facilities of the F5 load balancer. Message scoring and server resources must be configured after the install script finishes. I was able to get the MSM running within 20 minutes.
The MSM module works as advertised and we've been able to drop approx 70% of inbound SMTP connections before any email processing is required. After some tweaking of the scoring this product proves to be a quality asset.
Features. I feel the product is a bit lacking in features and I'm hoping to see these added to future releases. Currently there are no SNMP MIBs to allow easy polling of the connection statistics. These stats are available within the UI of the F5, however I am a graph junky and I'd like to be able to see historical data. The MSM module also can only be assigned to one inbound SMTP server IP.
Price. It's expensive. However enterprise providers should be able to justify the cost as significant server resources can be conserved.
Overall, the product works as advertised and has been reliable. I would recommend it to enterprise email providers.
Feel free to drop me a line if you have additional questions about the product.
until next time.
-jimmy
I've been working with the MSM module for the F5 (BIGIP) load balancers for several months now. I'd like to share my impressions of the product along with some handy tips that will hopefully save you some time. Sadly, documentation for this product is somewhat lacking and I've worked with a few experts at F5 networks to sort out the implementation.
Please review the product data sheet available here. Some of the concepts of the MSM might take a bit to get your head around if you have not worked with the F5 load balancers previously.
The MSM module is designed for high volume email providers. It is intended to augment existing email scrubbing resources. (spamassassin,rbls, etc). It works by monitoring inbound SMTP connections. The sending mail server IP is compared against the TrustedSource IP reputation database powered by Secure Computing. The module does a DNS query against the TrustedSource systems and the score returned is used to determine the fate of the SMTP connection. The message can be dropped,forwarded on to additional email scanning resources, or delivered. As this happens at the network level, significant server resources can be saved. As this product generates a significant amount of DNS traffic, a DNS server dedicated to these scoring queries may be required depending on email volume.
The MSM is powered by the IRULE facilities of the F5 load balancer. Message scoring and server resources must be configured after the install script finishes. I was able to get the MSM running within 20 minutes.
The MSM module works as advertised and we've been able to drop approx 70% of inbound SMTP connections before any email processing is required. After some tweaking of the scoring this product proves to be a quality asset.
Features. I feel the product is a bit lacking in features and I'm hoping to see these added to future releases. Currently there are no SNMP MIBs to allow easy polling of the connection statistics. These stats are available within the UI of the F5, however I am a graph junky and I'd like to be able to see historical data. The MSM module also can only be assigned to one inbound SMTP server IP.
Price. It's expensive. However enterprise providers should be able to justify the cost as significant server resources can be conserved.
Overall, the product works as advertised and has been reliable. I would recommend it to enterprise email providers.
Feel free to drop me a line if you have additional questions about the product.
until next time.
-jimmy
Last edited: