a10 thunder series application delivery controller (adc) · adc services for millions of customers...
TRANSCRIPT
©A10 Networks, Inc.
A10 Thunder Series Application Delivery Controller (ADC)Overview
2©A10 Networks, Inc.
Thunder ADC Solutions to Enhance Your Business
Acceleration
Provide fast and responsive services
Competitive advantage
Drive down CAPEX and OPEX
Availability
Scale Web and key infrastructure
Reduce downtime Ensure business
continuity
Security
Protect against advanced and emerging attacks
Protect brand and guard against revenue loss
Meet required compliance standards
Solutions
4©A10 Networks, Inc.
Application availability– To maintain uptime – SLB, GSLB, high-availability (HA),
Health-checks, more…
Application acceleration– For equipment consolidation and
faster user experience – Caching, compression, network
optimization, more…
Application security services – For brand and asset protection while
enhancing your existing security – FWLB, WAF, SSL services, more…
Enterprise Data Center
A10 ADC
Web App DNS Other App
Security:DDoS MitigationWAFDAFAAM
Acceleration:SSL OffloadTCP ReuseRAM CachingCompression
Availability:GSLB
High-availabilityHealth-checks
Backup Data Center
5©A10 Networks, Inc.
Scaling security devices and encrypted communications– SSL Intercept: Eliminate encryption blind
spot and scale security appliances– FWLB and SSL offload, more…
Defend against emergingDDoS attacks – Network and application protection
Selectively apply dynamicsecurity chains– Traffic steering and advanced
ADC services
DMZ Security Solutions
Firewall Load BalancingDDoS MitigationWAFDAFAAMTraffic SteeringaFleX ScriptingSSL Offload
A10 ADC
Data Center
FirewallsIDS/IPSDLPOther
Firewall Load BalancingSSL Intercept
A10 ADC
Internal Users
6©A10 Networks, Inc.
Optimized network efficiency and services– Traffic steering and service chaining
Enhanced service availability– Load balancing for Web, caches,
Diameter, SIP, IPv4/IPv6 more…
Service Provider Solutions
Service Provider Networks
7©A10 Networks, Inc.
Solving Customers’ Critical Business Challenges
Reducing costs by consolidating legacy appliancesA10 ADCs enable consolidation of racks of legacy load balancers for operational efficiency and ease of management.
ADC services for millions of customers Improved reliability over legacy Cisco ACE load balancers while keeping costs down.
Powering multiple internal and external servicesMulti-tenancy consolidates internal applications and external web servers ADC environment, reducing OPEX and CAPEX.
Data center efficiency with large traffic volumesBest value to sustain very high traffic volume with the least capital and operational expense, and all required features.
8©A10 Networks, Inc.
Microsoft– Exchange and Lync certified, tested integrations include
SharePoint, IIS & more…
Oracle– Deployment guides for Application Server, E-business Suite,
PeopleSoft Enterprise, Oracle Siebel CRM, WebLogic
SAP– Reliability, security & performance certified for Business
Objects Explorer (BOE), SAP Netweaver Portal & SAP CRM
VMware– VMready certified, VMware View
Other – Blackboard, Apache & more…
Enhancing Key Applications
Application Availability
10©A10 Networks, Inc.
Application Availability
Highly available applications and data centers
High performance server load balancing: Scaling capacity for peak loads
High availability: For uninterrupted operation
Health-checks: Complete application fault detection
Global server load balancing (GSLB): Intelligence for global operations
11©A10 Networks, Inc.
Large capacity to handle high traffic volumes in 1RU– Up to 150 Gbps throughput– 5 M new sessions/sec– 256 M concurrent sessions
Benefits:– Optimized for maximum performance
with ACOS– Hardware offload – All-inclusive performance on
hardware appliances
Performance and SLB: Scaling Capacity for Peak Loads
A10 ADC
Data Center
ACOS performanceNo restrictionsHardwareoffload
12©A10 Networks, Inc.
Eliminates the ADC as a point of failure Benefits:
– Sub-second failover– Active-standby, active-active or N+1 options– Stateful failover to preserve sessions
High Availability: For Uninterrupted Operation
A10 ADC
Data Center
13©A10 Networks, Inc.
Ensures servers are able to handle users as intended Benefits:
– Users always receive the optimal experience
– Ensures all components needed are functioning
– Network, application (HTTP, DNS, more…) or database health-checks
Health-checks: Complete Application Fault Detection
A10 ADC
Unreachable Componentdown
e.g. database
Trafficdirected to
active server
14©A10 Networks, Inc.
Provides multi-data center resiliency Benefits:
– Enables disaster recovery on failure or active-active data centers
– Optimizes users to the best performingdata center (e.g. response time,geo-location, more…)
– Ensures user’s Web experience is the fastest
GSLB: Intelligence for Global Operations
A10 ADC
Data Center
Geo Site
Application Acceleration
16©A10 Networks, Inc.
Application Acceleration
TCP Optimization: Improve application performance
RAM Caching: Faster page loads equal more revenue
SSL Acceleration: Secure applications
Compression: Optimize any bandwidth level
Application acceleration for a faster user experience and optimized utilizationTechnology for Application Acceleration
17©A10 Networks, Inc.
Reduces TCP connection management overhead – TCP reuse (multiplexing) to offload server
connection setup and tear down
Benefits:– Increases overall server capacity– Reduction in connections– Improved response times less
required servers
Details:– Server TCP stack offload – Persistent connection to servers
TCP Optimization: Improve Application Performance
A10 ADC
Data Center
Many TCPConnections
Reduced TCP Connections
18©A10 Networks, Inc.
Offloads compute intensive SSL traffic – Hardware security processor assist
Benefits:– Eliminates high SSL CPU overhead
from servers– Servers support many more transactions
per second– Simpler certificate management
Details:– 4096-, 2048-, and 1024-bit keys– 2x key size = 3x to 7x drop in legacy
SLBs capacity
SSL Acceleration: Secure Applications
A10 ADC
Data Center
Secured HTTPS
UnsecuredHTTP
19©A10 Networks, Inc.
RAM Cached objects served from the Thunder ADC– Eliminates repetitive fetches for frequently
requested objects
Benefits:– Faster response to the end user– Reduce connections and server requests– Reduce servers due to offloaded traffic
Details:– Static or dynamic support– Extensive object type support
RAM Caching: Faster Page Loads Equal More Revenue
A10 ADC
Data Center
Repeated Requests Served From Cache
20©A10 Networks, Inc.
Reduces transmission size for HTTP – Smaller payload to transfer to the end user
Benefits:– Optimize traffic for international, mobile,
legacy devices, etc.– Faster delivery to end-user– Offloads Web server CPU cycles
Details:– Gzip & deflate encoding support– Hardware or software options
Compression: Optimize Any Bandwidth Level
A10 ADC
Data Center
Compressed Traffic
Uncompressed Traffic
Application Security
22©A10 Networks, Inc.
Application Security
Web application firewall (WAF): Eliminate common Web attacks
SSL intercept: Eliminate the outbound SSL blind spot
Application access management (AAM): Add authentication seamlessly
DNS application firewall (DAF): Protect critical infrastructure
DDoS protection: Multi-vector edge protection
Enhance existing security infrastructure, and protect against the latest threats
23©A10 Networks, Inc.
Benefit:– Protect web applications– Ensure against code vulnerabilities and assist
PCI-DSS/HIPAA compliancy– Prevent damage to intellectual property,
data and applications
Advantage:– Fully integrated/designed for ACOS– No license; single device solution– Scalable and high performance
WAF: Eliminate Common Web Attacks
24©A10 Networks, Inc.
Benefit:– User authentication required for resource access– Enhanced protection and server efficiency– Authentication offload
Advantage:– Supports popular authentication services/stores– No adjustment to web servers or infrastructure– Seamless integration
AAM: Add Authentication Seamlessly
Access RequestAuthenticationChallenge
AuthenticationRequest
AuthenticationSuccessAccess
Granted
AAM
25©A10 Networks, Inc.
Benefit:– Eliminate encryption blind spot to inspect
encrypted traffic, including malware and advance persistent threats (APTs)
Advantage: – Optimized decryption with dedicated security
processors for CPU intensive 2048-bit keys– Offloads firewalls that can’t scale
SSL decryption– Freedom to work with any traffic
inspection/mitigation device
SSL Intercept: Eliminate the Outbound SSL Blind Spot
Other
DLPUTM
IDS
Server
A10 ADC
A10 ADC
encrypted
decrypted
encrypted
Inspection/Protection
Client
16
2
5
3
4
26©A10 Networks, Inc.
Benefit:– Uninterrupted DNS services– Protects vulnerable infrastructure– Ensures infrastructure cannot be a
weapon against a 3rd party
Advantage:– Blocks non-DNS traffic (up to 70%)– Surge protection– Full DNS command set (aFleX
and built-in)– Redirection for “honey pots”
DAF: Protect Critical Infrastructure
Malicious and Invalid Non-DNS Traffic on Port 53
“Zombies”Infected Clients
Generating Requests
Regular Clients Perform as Expected
Optional Maliciousand Invalid Traffic
Redirection
DNS Infrastructure
Denied
Surge Protection
Allowed
Result = Reduced and OptimizedCPU Usage
27©A10 Networks, Inc.
Benefits:– Large-scale DDoS protection– Advanced protection features– Predictable operations
Advantage:– Full DDoS defense covers network and
application attacks– Hardware DDoS protection for common attacks– SYN flood protection to 200 M per second
DDoS Protection: Multi-vector Edge Protection
SYN FloodRate LimitingConnection LimitingSlow L7 AttacksGeographic ControlInfrastructure ProtectionDDoSDDoSMore…L7 aFleX Control
Thunder Management
29©A10 Networks, Inc.
Comprehensive management options for operational simplicity and reduced management cost– CLI and GUI: Ease of Use and Management– aFleX: Comprehensive DPI and traffic management– aXAPI scripting: Customizable management options for integration– aGalaxy: Centralized and automated operations for lower TCO– 3rd party integrations: SDN and Cloud orchestration integration– Other management options: Application delivery partitions and layer 3 virtualization (ADP/L3V) Virtual chassis system (aVCS)
Comprehensive Management Options
30©A10 Networks, Inc.
GUI (Graphical User Interface)– Fewer screens and steps for tasks– Intuitive and easy to use
CLI (Command Line Interface)– Industry standard CLI, familiar interface– Easy to use, comprehensive help
GUI and CLI: Ease of Use and Management
31©A10 Networks, Inc.
Deep packet inspection and scripting technology Benefits
– Adjust traffic and L7 data as needed– Fix or optimize applications– Complete traffic control
aFleX: Comprehensive DPI and Traffic ManagementExample: Automatically displays a Web page based on the user’s language, using the language set in the user’s browser.
English
SpanishJapaneseChinese
32©A10 Networks, Inc.
Integrate into 3rd-Party Applications– Reporting– Centralized configuration management– Provisioning
Custom Management Solutions– Integrated into homegrown apps versus
using the A10 CLI or GUI
Interactive Infrastructure– Applications can issue triggers to change
traffic management behavior based on external events
aXAPI: Customizable Management Options for Integration
Authentication request, containing Thunder admin username and password.
If authentication is successful, Thunder replies with a session ID and status 200 - ok
Configuration or monitoring request, containing the session ID
Next configuration or monitoring request, containing the session ID
Third-party application sends session close request or allows session to time out.
If session ID is Valid, and session has not timed out or been closed, Thunder performs the requested action and replies with status 200 - OK
Thunder performs requested action, if session ID is valid and session has not timed out or been closed
Third-party Application aXAPI
33©A10 Networks, Inc.
A central network management system for all A10 devices Benefits:
– Automate repetitive tasks and eliminate human error
– Centralized control of events and configuration
– Faster operation for reduced OPEX
aGalaxy: Centralized/Automated Operations for Lower TCO
34©A10 Networks, Inc.
Achieve automation, operational agility, and reduced TCO SDN integration
– Overlay & fabric integration– VXLAN and NVGRE– IBM SDN-VE, Cisco APIC, VMware NSX
Cloud orchestration integration– Policy integration with Cloud orchestration platforms– aGalaxy, Microsoft SCVMM, VMware vCloud
Director, OpenStack
3rd-Party Integrations: SDN/Cloud Orchestration Integration
35©A10 Networks, Inc.
ADP and L3V Multi-tenancy– Multi-tenancy for consolidation– Separate admin look and feel,
overlapping IP addresses– Up to 128 partitions 1000+ L3V partitions
aVCS clustering – Single point of management– Scale up to 8 units in a cluster– Scale to 1.2 Tbps in a cluster
Other Management Options: ADP/L3V and aVCS
Product Portfolio, ACOS and ADC Form Factors
37©A10 Networks, Inc.
Thunder ADC
Richfeatures
Flexible deployment
Smartdesign
Server load balancing and application delivery
Acceleration Security (WAF, SI,
DAF, DDoS, more…)
Broad array of form factors– Virtual– Physical– Hybrid
For on premise or cloud deployments
Designed foroptimal performance
Delivering maximum uptime
Green, data center friendly design
Enabling Highly Available, Accelerated and Secure Applications
38©A10 Networks, Inc.
ACOS: Best-in-Class Performance Scalability
Shared Memory Architecture
1 2 N
Flexible Traffic Accelerator
Switching and Routing
Efficient & Accurate Memory
Architecture
64-Bit Multi-CoreOptimized
OptimizedFlow Distribution
CPU1
CPU2
CPU3
CPUN Compression
SSL
39©A10 Networks, Inc.
Thunder ADC Hardware AppliancesPr
ice
Performance
Thunder 930 ADC
5 Gbps (L4&L7)200k L4 CPS
1 M RPS (HTTP)
Thunder 1030S ADC
10 Gbps (L4&L7)450k L4 CPS
2M RPS (HTTP)SSL Processor
Thunder 3030S ADC
30 Gbps (L4&L7)750k L4 CPS
3M RPS (HTTP) SSL Processor
Thunder 4430(S) ADC
38 Gbps (L4&L7)2.7M L4 CPS
11M RPS (HTTP)
Thunder 5430S ADC
77/75 Gbps (L4/L7)2.8M L4 CPS
17M RPS (HTTP)SSL ProcessorHardware FTA
Thunder 5430(S)-11 ADC
79/78 Gbps (L4/L7)3.7M L4 CPS
20M RPS (HTTP)SSL ProcessorHardware FTA
Thunder 5630 ADC
79/78 Gbps (L4/L7)6M L4 CPS
32.5M RPS (HTTP)SSL ProcessorHardware FTA
Thunder 6430(S) ADC
150/145 Gbps (L4/L7)5.3M L4 CPS
31M RPS (HTTP)SSL ProcessorHardware FTA
Thunder 6630 ADC
150/145 Gbps (L4/L7)7.1M L4 CPS
38M RPS (HTTP)SSL ProcessorHardware FTA
40©A10 Networks, Inc.
vThunder Software Appliances
Lab Edition
Entry Level/Lab 200 Mbps
Entry Level/Lab1 Gbps
High-performance4 Gbps
High-performance 8 Gbps
vThunder (Perpetual Licensing) 200 Mbps to 8 Gbps VMware, KVM, Hyper-V & Xen
hypervisors Dynamic provisioning, faster roll out Scale up or down on-demand
Pric
e
Performance
41©A10 Networks, Inc.
Other vThunder Appliances and Flexible Billing Options
vThunder Pay-as-You-Go Licensing
Elastic & adaptive “Pay-as-you-Go” metering Automated licensing For IaaS providers only
License per Month
Rent (RBM) Utility (UBM)
License per Byte
vThunder for AWS
10 Mbps to 1 Gbps licensing 1 click provisioning of 64-bit Amazon
Machine Image (AMI) EC2 or VPC environments No feature limitations; licensed by
bandwidth BYOL perpetual license or hourly based
license
42©A10 Networks, Inc.
Why HVA?– Hardware acceleration– Deploy instances on demand– Consolidation– Strong hypervisor-based isolation
Advantage:– Hardware performance, virtual flexibility– OpenStack management – SR-IOV support for network and SSL
acceleration– No performance or feature licenses
Thunder Hybrid Virtual Appliance (HVA)
Pric
e
Performance
Thunder 3030S HVA8 instances,
35 Gbps
Thunder 3530S HVA40 instances,
100 Gbps
Summary
44©A10 Networks, Inc.
Thunder Buzz
“Provides substantial value…very high performance platforms, but only 1RU in size…”
Mark Fabbi, Gartner | Source: NetworkWorld
“…provide value and efficient networking to our customers.”
Jeff Doyle, Vice President of Engineering, TorreyPoint
“…simplify our IT environment…to meet and exceed service level agreements for all of our users.”
George Hamin, Director eBusiness & Information Systems for Subaru Canada, Inc.
45©A10 Networks, Inc.
Provides a better application experience, while optimizing your environment Provides essential application delivery features
– Availability– Acceleration– Security
Broad array of high performance Thunder form factors– Physical, hybrid, virtual and cloud
Summary – Thunder ADCs for Today’s Application Concerns
46©A10 Networks, Inc.
Visit www.a10networks.com– 30 days, 5 Mbps limit– Full features– For VMware, Hyper-V, KVM and Xen
vThunder Free Trial – Try Today
THANK YOUwww.a10networks.com