A10 Networks introduced its Thunder Security and Policy Engine (SPE) series, a new line of appliances that work side-by-side with A10's existing products to deliver enhanced, in-hardware security and policy enforcement functionality in situations when network traffic spikes, such as from a distributed denial of service (DDoS) attack.
A10 also introduced integrated DDoS protection capabilities for its Carrier Grade NAT (CGN) platform to protect large customer-facing networks from disruption.
A10 Thunder SPE: Extending security across more product lines
The new A10 Thunder SPE appliances, which are based on A10's Advanced Core Operating System, extend security functionality across the vendor's application delivery controller (ADC), CGN and Threat Protection Systems (TPS) products. The new appliances give customers the ability to implement security functions -- like traffic management or cloud security policies -- at higher processing speeds, without impacting the performance of other A10 appliances, said Kishore Inampudi, director of product marketing for A10.
"The Thunder SPE appliance adds security and policy enforcement [to] hardware appliances like TPS so it can sustain any high-volume [distributed denial of service] DDoS attacks. It just so happens that large customers -- like service providers and large enterprises want the same security capabilities on their CGNS and ADCs as well," Inampudi said.
ADCs are no longer just responsible for load balancing. There is a big security opportunity related to ADCs, which protect the performance and availably of applications, said Brad Casemore, research director at Framingham, Massachusetts-based IDC. At the same time, customers with very large environments may not benefit from security features being integrated into the ADCs themselves, but will require a separate, standalone box. "Many of the policy-based capabilities they need really are extremely performance-intensive, so a hardware-based approach in the data center is the way to do it," he said.
"There are always going to be applications that need a dedicated, purpose-built appliance to achieve the throughput, as opposed to a distributed function," said Christian Renaud, senior analyst for New York-based 451 Research. "A10 is committing to a dedicated hardware-based approach for the high-end segment of the market."
According to the company, the new SPE appliances also offer security and performance in a smaller form factor than their competitors in the security and policy management market -- namely, Cisco and Juniper.
The Thunder SPE for ADCs will be available in August, while the Thunder SPE for TPS is currently shipping, A10 said.
Integrated DDoS protection on CGN appliances
In addition to its new line of standalone SPE appliances, the company is also integrating DDoS protection functionality into its A10 Thunder CGN products. The added security feature will limit network exposure, decreasing the opportunity for sophisticated attacks to strike. It will also help protect IPv4 to IPv6 network address migration. Service providers and other customers with public-facing services within large networks are making the transition to IPv6, but there is a lot involved in that network address translation, and a high demand for DDoS protection for CGNs, IDC's Casemore said.
"There is an opportunity when it comes to big service providers dealing with security issues, frequent volumetic attacks, and issues with IPv4 to IPv6 translations, and the number of attacks is only growing," he said. "The sweet spot is within large network infrastructure and the applications running there. This capability is being positioned as a means of thwarting and mitigating threats that could be disruptive or worse to those operators."
A10's Thunder CGN SPE is available and shipping now.
A10 introduces Thunder TPS
ADC market: Complexity spells opportunity for solutions providers
Integrating performance management and ADCs