A10 Thunder Series

Application Delivery
Controller (ADC)
Overview

©A10 Networks, Inc.

Thunder ADC Solutions to Enhance Your Business

Availability Acceleration Security

 Scale Web and key  Provide fast and  Protect against

infrastructure responsive services advanced and
emerging attacks
 Reduce downtime  Competitive
advantage  Protect brand and
 Ensure business
guard against
continuity  Drive down CAPEX
and OPEX revenue loss
 Meet required
compliance
standards

©A10 Networks, Inc. 2

Solutions
Enterprise Data Center

 Application availability
Security:
– To maintain uptime DDoS Mitigation
– SLB, GSLB, high-availability (HA), WAF
Health-checks, more… DAF
AAM
Backup Data Center
 Application acceleration
Acceleration:
– For equipment consolidation and SSL Offload
faster user experience Availability: TCP Reuse
GSLB A10 ADC RAM Caching
– Caching, compression, network High-availability Compression
optimization, more… Health-checks

 Application security services

– For brand and asset protection while
enhancing your existing security
– FWLB, WAF, SSL services, more… Web App DNS Other App

©A10 Networks, Inc. 4

DMZ Security Solutions

 Scaling security devices and Firewall Load Balancing

DDoS Mitigation
encrypted communications WAF
DAF
– SSL Intercept: Eliminate encryption blind AAM
spot and scale security appliances A10 ADC Traffic Steering
aFleX Scripting
– FWLB and SSL offload, more… SSL Offload
Firewalls
 Defend against emerging IDS/IPS
DDoS attacks DLP
Other
– Network and application protection
Firewall Load Balancing
 Selectively apply dynamic A10 ADC
SSL Intercept
security chains
– Traffic steering and advanced
ADC services

Data Center Internal Users

©A10 Networks, Inc. 5

Service Provider Solutions

 Optimized network efficiency and

services
– Traffic steering and service chaining
 Enhanced service availability
– Load balancing for Web, caches,
Diameter, SIP, IPv4/IPv6 more…

Service Provider Networks

©A10 Networks, Inc. 6
Solving Customers’ Critical Business Challenges

ADC services for millions of customers

Improved reliability over legacy Cisco ACE load balancers while
keeping costs down.

Data center efficiency with large traffic volumes

Best value to sustain very high traffic volume with the least capital and
operational expense, and all required features.

Powering multiple internal and external services

Multi-tenancy consolidates internal applications and external web
servers ADC environment, reducing OPEX and CAPEX.

Reducing costs by consolidating legacy appliances

A10 ADCs enable consolidation of racks of legacy load balancers for
operational efficiency and ease of management.

©A10 Networks, Inc. 7

Enhancing Key Applications

 Microsoft
– Exchange and Lync certified, tested integrations include
SharePoint, IIS & more…
 Oracle
– Deployment guides for Application Server, E-business Suite,
PeopleSoft Enterprise, Oracle Siebel CRM, WebLogic
 SAP
– Reliability, security & performance certified for Business
Objects Explorer (BOE), SAP Netweaver Portal & SAP CRM
 VMware
– VMready certified, VMware View
 Other – Blackboard, Apache & more…

©A10 Networks, Inc. 8

Application Availability
Application Availability

Highly available applications and data centers

High performance Global server load

server load balancing: balancing (GSLB):
Scaling capacity for peak Intelligence for
loads global operations

Health-checks: High availability:

Complete For uninterrupted
application fault operation
detection

©A10 Networks, Inc. 10

Performance and SLB: Scaling Capacity for Peak Loads

 Large capacity to handle high traffic ACOS

volumes in 1RU performance
No restrictions
– Up to 150 Gbps throughput Hardware
offload
– 5 M new sessions/sec
– 256 M concurrent sessions
 Benefits: A10 ADC

– Optimized for maximum performance

with ACOS
– Hardware offload
– All-inclusive performance on
hardware appliances

Data Center

©A10 Networks, Inc. 11

High Availability: For Uninterrupted Operation

 Eliminates the ADC as a point of failure

 Benefits:
– Sub-second failover
– Active-standby, active-active or N+1 options
– Stateful failover to preserve sessions
A10 ADC

Data Center

©A10 Networks, Inc. 12

Health-checks: Complete Application Fault Detection

 Ensures servers are able to handle

users as intended
 Benefits:
– Users always receive the optimal
experience
– Ensures all components needed are A10 ADC
functioning
– Network, application (HTTP, DNS, more…)
or database health-checks

Unreachable Component Traffic

down directed to
e.g. database active server

©A10 Networks, Inc. 13

GSLB: Intelligence for Global Operations

 Provides multi-data center resiliency

 Benefits:
– Enables disaster recovery on failure or Geo Site
active-active data centers
– Optimizes users to the best performing
data center (e.g. response time,
A10 ADC
geo-location, more…)
– Ensures user’s Web experience is the fastest

Data Center

©A10 Networks, Inc. 14

Application Acceleration
Application Acceleration
Application acceleration for a faster user experience and optimized utilization
Technology for Application Acceleration

TCP Optimization: Compression:

Improve application Optimize any
performance bandwidth level

SSL Acceleration: RAM Caching:

Secure applications Faster page loads equal
more revenue

©A10 Networks, Inc. 16

TCP Optimization: Improve Application Performance

 Reduces TCP connection

management overhead
– TCP reuse (multiplexing) to offload server Many TCP
connection setup and tear down Connections

 Benefits:
– Increases overall server capacity A10 ADC
Reduced TCP
– Reduction in connections Connections

– Improved response times less

required servers
 Details:
– Server TCP stack offload
– Persistent connection to servers
Data Center

©A10 Networks, Inc. 17

SSL Acceleration: Secure Applications

 Offloads compute intensive SSL traffic

– Hardware security processor assist
 Benefits: Secured
HTTPS
– Eliminates high SSL CPU overhead
from servers
– Servers support many more transactions A10 ADC Unsecured
per second HTTP

– Simpler certificate management

 Details:
– 4096-, 2048-, and 1024-bit keys
– 2x key size = 3x to 7x drop in legacy
SLBs capacity
Data Center

©A10 Networks, Inc. 18

RAM Caching: Faster Page Loads Equal More Revenue

 RAM Cached objects served from the

Thunder ADC Repeated
– Eliminates repetitive fetches for frequently Requests
Served From
requested objects Cache

 Benefits:
– Faster response to the end user A10 ADC
– Reduce connections and server requests
– Reduce servers due to offloaded traffic
 Details:
– Static or dynamic support
– Extensive object type support
Data Center

©A10 Networks, Inc. 19

Compression: Optimize Any Bandwidth Level

 Reduces transmission size for HTTP

– Smaller payload to transfer to the end user
 Benefits: Compressed
Traffic
– Optimize traffic for international, mobile,
legacy devices, etc.
– Faster delivery to end-user A10 ADC
Uncompressed
– Offloads Web server CPU cycles Traffic

 Details:
– Gzip & deflate encoding support
– Hardware or software options

Data Center

©A10 Networks, Inc. 20

Application Security
Application Security

Enhance existing security infrastructure, and protect against the latest threats

Web application DDoS protection:

firewall (WAF): Multi-vector edge
Eliminate common Web protection
attacks

Application access SSL intercept: DNS application

management (AAM): Eliminate the firewall (DAF):
Add authentication outbound SSL Protect critical
seamlessly blind spot infrastructure

©A10 Networks, Inc. 22

WAF: Eliminate Common Web Attacks

 Benefit:
– Protect web applications
– Ensure against code vulnerabilities and assist
PCI-DSS/HIPAA compliancy
– Prevent damage to intellectual property,
data and applications
 Advantage:
– Fully integrated/designed for ACOS
– No license; single device solution
– Scalable and high performance

©A10 Networks, Inc. 23

AAM: Add Authentication Seamlessly

 Benefit:
Authentication
Access
– User authentication required for resource access Access Request
Challenge
Granted
Request
Success
– Enhanced protection and server efficiency
– Authentication offload
 Advantage: AAM
– Supports popular authentication services/stores
– No adjustment to web servers or infrastructure
– Seamless integration

©A10 Networks, Inc. 24

SSL Intercept: Eliminate the Outbound SSL Blind Spot

 Benefit: Server
4
– Eliminate encryption blind spot to inspect encrypted
encrypted traffic, including malware and
advance persistent threats (APTs)
3
 Advantage:
– Optimized decryption with dedicated security A10 ADC

processors for CPU intensive 2048-bit keys 5 decrypted

DLP
Inspection/
– Offloads firewalls that can’t scale Protection IDS
UTM

SSL decryption Other

2
– Freedom to work with any traffic
inspection/mitigation device A10 ADC

6
1 encrypted

Client
©A10 Networks, Inc. 25
DAF: Protect Critical Infrastructure

 Benefit:
– Uninterrupted DNS services
– Protects vulnerable infrastructure Regular Clients “Zombies” Malicious and
Perform as Infected Clients Invalid Non-DNS
– Ensures infrastructure cannot be a Expected Generating Requests Traffic on Port 53
weapon against a 3rd party
 Advantage:
Denied
– Blocks non-DNS traffic (up to 70%)
Surge Protection
– Surge protection Optional Malicious
and Invalid Traffic Allowed
– Full DNS command set (aFleX Redirection
and built-in)
– Redirection for “honey pots”

DNS Infrastructure
Result = Reduced and Optimized
CPU Usage

©A10 Networks, Inc. 26

DDoS Protection: Multi-vector Edge Protection

 Benefits:
– Large-scale DDoS protection
– Advanced protection features
– Predictable operations
 Advantage:
Infrastructure
Geographic
Connection
L7
Slow
Rate
aFleX
SYN
More…
DDoS
L7Limiting
Flood
Attacks
Control
Protection
Limiting
Control
– Full DDoS defense covers network and
application attacks
– Hardware DDoS protection for common attacks
– SYN flood protection to 200 M per second

©A10 Networks, Inc. 27

Thunder Management
Comprehensive Management Options

 Comprehensive management options for operational simplicity and reduced

management cost
– CLI and GUI: Ease of Use and Management
– aFleX: Comprehensive DPI and traffic management
– aXAPI scripting: Customizable management options for integration
– aGalaxy: Centralized and automated operations for lower TCO
– 3rd party integrations: SDN and Cloud orchestration integration
– Other management options:
 Application delivery partitions and layer 3 virtualization (ADP/L3V)
 Virtual chassis system (aVCS)

©A10 Networks, Inc. 29

GUI and CLI: Ease of Use and Management

 GUI (Graphical User Interface)

– Fewer screens and steps for tasks
– Intuitive and easy to use
 CLI (Command Line Interface)
– Industry standard CLI, familiar interface
– Easy to use, comprehensive help

©A10 Networks, Inc. 30

aFleX: Comprehensive DPI and Traffic Management
Example: Automatically displays a Web page
based on the user’s language, using the
 Deep packet inspection and language set in the user’s browser.
scripting technology
 Benefits
– Adjust traffic and L7 data as needed
– Fix or optimize applications
– Complete traffic control
English

Chinese Japanese Spanish

©A10 Networks, Inc. 31

aXAPI: Customizable Management Options for Integration

 Integrate into 3rd-Party Applications Third-party Application aXAPI

– Reporting Authentication request,
containing Thunder
– Centralized configuration management admin username and If authentication is
successful, Thunder replies
password.
with a session ID and status
– Provisioning 200 - ok

 Custom Management Solutions Configuration or

monitoring request,
If session ID is Valid, and
containing the session ID
session has not timed out
– Integrated into homegrown apps versus or been closed, Thunder
performs the requested
using the A10 CLI or GUI action and replies with
Next configuration or status 200 - OK
monitoring request,
 Interactive Infrastructure containing the session ID
Thunder performs
– Applications can issue triggers to change requested action, if session
ID is valid and session has
Third-party application
traffic management behavior based on sends session close not timed out or been
closed
external events request or allows session
to time out.

©A10 Networks, Inc. 32

aGalaxy: Centralized/Automated Operations for Lower TCO

 A central network management

system for all A10 devices
 Benefits:
– Automate repetitive tasks and
eliminate human error
– Centralized control of events and
configuration
– Faster operation for reduced OPEX

©A10 Networks, Inc. 33

3rd-Party Integrations: SDN/Cloud Orchestration Integration

 Achieve automation, operational agility, and

reduced TCO
 SDN integration
– Overlay & fabric integration
– VXLAN and NVGRE
– IBM SDN-VE, Cisco APIC, VMware NSX
 Cloud orchestration integration
– Policy integration with Cloud orchestration platforms
– aGalaxy, Microsoft SCVMM, VMware vCloud
Director, OpenStack

©A10 Networks, Inc. 34

Other Management Options: ADP/L3V and aVCS

 ADP and L3V Multi-tenancy  aVCS clustering

– Multi-tenancy for consolidation – Single point of management
– Separate admin look and feel, – Scale up to 8 units in a cluster
overlapping IP addresses
– Scale to 1.2 Tbps in a cluster
– Up to
 128 partitions
 1000+ L3V partitions

©A10 Networks, Inc. 35

Product Portfolio, ACOS
and ADC Form Factors
Thunder ADC

Rich Flexible Smart

features deployment design

 Server load  Broad array of form  Designed for

balancing and factors optimal
application delivery – Virtual performance
 Acceleration – Physical  Delivering maximum
– Hybrid uptime
 Security (WAF, SI,
DAF, DDoS, more…)  For on premise or  Green, data center
cloud deployments friendly design

Enabling Highly Available, Accelerated and Secure Applications

©A10 Networks, Inc. 37

 ACOS: Best-in-Class Performance Scalability
Efficient &
Accurate Memory Shared Memory Architecture
Architecture

64-Bit Multi-Core CPU CPU CPU CPU

Optimized 11 22 3 N
N Compression

SSL

Optimized
Flow Distribution Flexible Traffic Accelerator

Switching and Routing

©A10 Networks, Inc. 38

 Thunder ADC Hardware Appliances
150/145 Gbps (L4/L7)
7.1M L4 CPS
150/145 Gbps (L4/L7) 38M RPS (HTTP)
5.3M L4 CPS SSL Processor
79/78 Gbps (L4/L7) 31M RPS (HTTP) Hardware FTA
6M L4 CPS SSL Processor
79/78 Gbps (L4/L7) 32.5M RPS (HTTP) Hardware FTA
3.7M L4 CPS SSL Processor
20M RPS (HTTP) Hardware FTA Thunder 6630 ADC
SSL Processor
Hardware FTA Thunder 6430(S) ADC
Thunder 5630 ADC
Price

Thunder 5430(S)-11 ADC

77/75 Gbps (L4/L7)

2.8M L4 CPS
17M RPS (HTTP)
SSL Processor
38 Gbps (L4&L7) Hardware FTA
30 Gbps (L4&L7) 2.7M L4 CPS
750k L4 CPS 11M RPS (HTTP)
10 Gbps (L4&L7) 3M RPS (HTTP)
450k L4 CPS SSL Processor Thunder 5430S ADC
2M RPS (HTTP)
5 Gbps (L4&L7) SSL Processor Thunder 4430(S) ADC
200k L4 CPS
1 M RPS (HTTP) Thunder 3030S ADC
Thunder 1030S ADC
Thunder 930 ADC

Performance
©A10 Networks, Inc. 39
vThunder Software Appliances

vThunder (Perpetual Licensing)

 200 Mbps to 8 Gbps
 VMware, KVM, Hyper-V & Xen
hypervisors
 Dynamic provisioning, faster roll out High-performance
 Scale up or down on-demand 8 Gbps
Price

High-performance
4 Gbps
Entry Level/Lab
1 Gbps

Entry Level/Lab
200 Mbps

Lab Edition

Performance
©A10 Networks, Inc. 40
Other vThunder Appliances and Flexible Billing Options

Rent (RBM) Utility (UBM)

License per Month License per Byte

vThunder for AWS vThunder Pay-as-You-Go

Licensing
 10 Mbps to 1 Gbps licensing
 1 click provisioning of 64-bit Amazon  Elastic & adaptive
Machine Image (AMI)  “Pay-as-you-Go” metering
 EC2 or VPC environments  Automated licensing
 No feature limitations; licensed by  For IaaS providers only
bandwidth
 BYOL perpetual license or hourly based
license

©A10 Networks, Inc. 41

Thunder Hybrid Virtual Appliance (HVA)
 Why HVA?
– Hardware acceleration
– Deploy instances on demand
– Consolidation
– Strong hypervisor-based isolation
Thunder 3530S HVA

Price
 Advantage: 40 instances,
Thunder 3030S HVA 100 Gbps
– Hardware performance, virtual flexibility 8 instances,
– OpenStack management 35 Gbps

– SR-IOV support for network and SSL

acceleration
– No performance or feature licenses Performance

©A10 Networks, Inc. 42

Summary
Thunder Buzz

“Provides substantial value…very high performance platforms,

but only 1RU in size…”

Mark Fabbi, Gartner | Source: NetworkWorld

“…simplify our IT environment…to

“…provide value and efficient
meet and exceed service level
networking to our customers.”
agreements for all of our users.”
Jeff Doyle, Vice President of
Engineering, TorreyPoint George Hamin, Director eBusiness &
Information Systems for Subaru Canada, Inc.

©A10 Networks, Inc. 44

Summary – Thunder ADCs for Today’s Application Concerns

 Provides a better application experience, while optimizing your environment

 Provides essential application delivery features
– Availability
– Acceleration
– Security
 Broad array of high performance Thunder form factors
– Physical, hybrid, virtual and cloud

©A10 Networks, Inc. 45

vThunder Free Trial – Try Today

 Visit www.a10networks.com
– 30 days, 5 Mbps limit
– Full features
– For VMware, Hyper-V, KVM and Xen

©A10 Networks, Inc. 46

THANK YOU
www.a10networks.com