DDoS Protection and Security for Data Centers & Applications
A10 Thunder and AX Series Application Delivery Controllers (ADCs) add another security layer for load balanced servers and applications. Adding to a defense in-depth strategy, key protections are architected into the A10 ADC hardware and software.
A10 Thunder and AX Series implement a series of specialized programmable ASICs to offload attack detection and prevention functions from other devices. With hardware accelerated defenses, data centers are protected from Distributed Denial of Service (DDoS) and protocol anomaly attacks without sacrificing performance.
- Hardened System Architecture
Secures the ADCs with a purpose-built operating system that is dedicated to application acceleration functions, out-of-band management, secure management interfaces, and more.
- High-Performance Secure Email
Support for STARTTLS to enable secure email traffic to and from SMTP servers by encrypting mail traffic to and from clients.
- Web Application Firewall (WAF)
Protects web sites from attacks, helps ensure against code vulnerabilities and prevents data leakage. Built on the highly scalable ACOS, A10's WAF delivers industry-leading performance within an integrated A10 ADC appliance, with the ability to run multiple features to mitigate all applicable threats on the Open Web Application Security Project (OWASP) top 10 list. A10's WAF also aids in regulatory security compliance, meeting requirements for, among others, Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry (PCI) Data Security Standard (DSS).
- Application Access Management (AAM) for Authentication
Integrates within ACOS to enhance data center infrastructure protection and server efficiency by offloading authentication functions and ensuring back-end servers do not receive unwanted or unauthenticated traffic. AAM supports the most popular authentication services/stores, including RADIUS, LDAP, Active Directory, Kerberos and more without adjustments to web servers or infrastructure.
- DDoS and Anomaly Protection
Provides high-performance detection and prevention against denial-of-service and protocol attacks that can cripple servers and take down applications. Since the ADC is placed between the routers and data center resources, it is ideally positioned to detect and stop attacks directed at any data center server or application. Through specialized ASICs, the ADC can continue to inspect, stop and redirect all application traffic at network speeds.
- Customizable Security Policies
Using the ADC's intuitive Web management interface or industry standard CLI, data center administrators can quickly develop sophisticated security policies and leverage the ADC's ASIC-accelerated architecture to look deep into traffic flows for threats in order to secure applications and servers. Methods include both standard and extended Access Control Lists (ACLs) and the flexible aFleX scripting feature.
- Policy-Based SLB (PBSLB)
A10's ADC devices allow you to "black list" or "white list" individual clients or client subnets. Based on actions you specify, the ADC will allow (white list) or drop (black list) traffic from specific client hosts or subnets in the list. With the capacity for 8 million host entries and up to 32,000 subnet entries, PBSLB greatly augments anti-spam capabilities.
- Line-Rate Performance
Provides line-rate performance for attack scanning, detection and prevention functions by leveraging ACOS's traffic optimization and ASIC-accelerated hardware architectures.
A10 Networks partners with Imperva's SecureSphere Web Application Firewall for a best-of-breed server load balancer and Web application firewall solution. Read about the joint solution in the A10 ADC and Imperva Secure Sphere Solution Brief.