By Steve Millard, Product Sales Manager for A10 Networks at Wick Hill
We are not talking about the ACϟDC song!
We mean The A10 THUNDER ADC (Application delivery controller).
What is an ADC, what does it all mean, and why have we seen a sudden influx of interest in this not so new product? Why do we need an ADC over an SLB (Server Load Balancer)?
Simply answered, SLBs move traffic across a server set. This is fine if it’s a small deployment, or you are a company which doesn’t rely on unified communications, use ecommerce or are dependent on applications of nature to your business. I am sure you will all have a bit of this in your environment already, and you will plan to grow.
You need an ACϟDC ADC no matter what!
ADC’s are crucial to the modern world, like a Firewall is to any network, and in fact, these two core foundation pieces of equipment can be used together for layered security. (this will be explained later on).
The story of the ADC really starts with IP connections in the world. Take a look at this picture. It will make you think..
As you can see, the more devices we own, the more connections we need to manage. On a security front, you need to question yourself – “can my Firewall take all these incoming connections?”. Are these connections dangerous to our environment? Most security breaches are already inside your network.
In the network arena, you also need to think “are my SLBs up to the task of distributing the work load, or are applications now becoming slow and sluggish?”. “Are my servers handling the traffic correctly” – are you adding new servers? What about things like SSL connections, are the users, YOUR customers getting a good customer service, in the sense that the transaction is fast and it doesn’t drop?
Have you protected your servers from attacks like bad SSL packets or even DDOS? Have you even protected your servers at all? Then ask yourself this – does your SLB do any of the above with the ability to scale? Can your SLBs balance subnets? I doubt it – that’s why you need an ADC!
What does an ADC offer?
For the customer we offer a whole host of solutions in one box and it’s broken down like this;
ADCs are not just SLBs as described earlier; they offer a whole host of security offerings, which in turn, create layered security within your current infrastructure.
The ADC we are talking about is the A10 Thunder device. This condensed, enhanced box offers up to 140gb throughput in just 1RU… honestly 1RU! A10’s leading competitor can only achieve this in a 7RU chassis. Got your attention now?
With this all-in-one 1RU box you can enjoy features such as DDOS protection, WAF and GSLB (Global server load balancing) – this means you can balance multiple sites, and may even mean you can consolidate some of your existing infrastructure. IPV4 – IPV6 translation, CGNAT (A10 are one of the only vendors that can honestly offer true Carrier Grade NAT).
this is where the device will decrypt SSL transactions and perform a deep packet inspection on them, to see if they are malicious before passing them to your Firewall re-encrypted. A firewall will just pass these through. Can you honestly have your environment working without this in place?
More and more features are going to be added over time, without impeding the performance of these boxes… “How?”, I hear you ask.
The answer is simple – A10 have produced an advanced operating system which harnesses the power of the high end components… This OS is called ACOS; please feel free to read about it here www.a10networks.com/acos
This, combined with the latest components and no moving parts, means the Thunder boxes are the choice of today’s data centre managers.
The Thunder boxes include “ASICs” for traffic management, meaning they have the lowest TPS cost in the market, combine this with Nitrox processors for SSL offloading, and low power usage, and not forgetting SSD memory or the fact these boxes are just 1RU, you would be mad not to be inviting A10 to the table for a POC. Lots of companies are!
One thing I did fail to mention is that all the security features are included in the price. A10 operate a “no licensing model” – all you pay is the cost of the box and the support fees. Guaranteed ROI.
ADCs – what they can do
So, I have talked about the security features that an ADC holds, which is certainly extra value to you and your network, but why an ADC over a SLB?
So the key here is in the “A” Application….
A10 Networks will optimise any application, no matter what. They have templates for TCP apps, HTTPS apps, and for anything else, there is AFLEX. The key is in A10’s slogan – Customer Driven Innovation. If there is something you desperately need, it can always be done within AFLEX and with the help of A10 networks.
64bit operating platform. This is the key. A10 can harness all the power of the RAM, and can then ensure they have the most powerful box on the market.
Nitrox processors. This will offload all your SSL connections, this means your servers can continue, well… serving!
ASIC’s. A10 will manage all your connections per second and ensure the user has a seamless service.
These are Layer 2 Load Balancers. What does this mean? They can see all the subnets on your network, which in turn means they can balance them too. For example, the Thunder 1030 can be partitioned into 32 SLBs, meaning it can balance up to 32 subnets. Now, think how much money you could save by introducing an ADC like A10’s onto your network and removing all the subnet SLBs? Not to mention power consumption and rack space.
Remember, the only moving parts are swappable fans, as A10 devices use SSD memory. A10 have the lowest costing CPS on the market and are the greenest and quickest! Did I mention all this scales up to 140 GB in just 1RU?
The user will feel at home with this box if they are a CISCO engineer (and let’s be honest, who isn’t nowadays?). The CLI is just like CISCO so this is extremely useful, especially if you have an estate of CISCO ACE. Also, the GUI is very easy to use. This means you don’t need to spend lots of money on retraining your engineers.
If you are going to be deploying Lync, SharePoint or Exchange 2013 then you WILL need an ADC – it’s in the deployment guides! The argument of why you need an ADC is more than compelling – I would be more than happy to offer you a Proof of Concept.
Remember this, “it’s as easy as A-D-C, to replace an S-L-B”.
Steve Millard has been working for Wick Hill for 4 years, and has a wealth of knowledge regarding SIEM and ADC’s. He regularly helps customers with training, specifically surrounding “solution sales” and is very active in assisting resellers in end user business deals. Previous to working for Wick Hill, Steve was in senior management in the leisure and tourism industry and lived and worked in many different countries. With this experience, Steve can adapt to many different cultures and has the ability to see “eye to eye” with all customers and understanding their core business needs.