Ludicrous Performance for Software SSL
There are many recognized benefits to moving more network functions from hardware to software, including flexibility and scalability. And as service providers prepare for 5G, using virtualized network functions will be increasingly required to deal with the performance and scalability needs that are beyond current 4G infrastructures. The same benefits are true for enterprises who are increasingly deploying the network functions as software in their private cloud and public cloud infrastructures.
A10 Networks has been working closely with our partners and customers to deliver high-performance software for multi-cloud and 5G security. In 2017, we collaborated closely with Microsoft to demonstrate industry’s first and highest-performing virtual appliance in Azure. At RSAC 2019, we are demonstrating another milestone by enabling SSL/TLS acceleration for software solutions.
Sending unencrypted data on the internet is analogous to entering a bloody battlefield without armor. The chance of coming out unharmed is near zero, so SSL decryption is required. By using a combination of certificates and crypto algorithms, SSL provides secure identification of the client and server, and end-to-end secure delivery of the communication between the client and server. Secure socket layer certificate management and crypto computation is laborious and compute expensive.
The distributed application development and 5G/IoT trends are enforcing an agile and scalable deployment model for hosting applications, and the associated services, to ensure secure application delivery. Whether you are applying network policies, firewall or load balancing rules, real-time threat and BOT detection, you want the flexibility and scalability of a software solution and the performance of a purpose-built hardware appliance.
The A10 Networks reverse-proxy-based load balancing solution and forward-proxy-based SSL decryption/encryption solution provide many such useful network and security services for secure application delivery. For example, an important feature is offloading SSL processing for central management and performance optimization.
At RSAC, we are demonstrating how customers can now combine the high performance of hardware with the agility and scalability of software. High performance is enabled for both a bare metal-based solution, Thunder Bare Metal, and a VM-based solution, vThunder.
A bare metal solution allows customers to deploy A10 Networks’ services on a custom off the shelf (COTS) x86 server. The VM-based solution allows customers to run A10 Network services on a software stack with KVM, VMware ESXi or Microsoft Hyper-V hypervisors.
When SSL acceleration is enabled on the A10 Networks bare-metal or virtual-machine solutions, it provides a 10x increase in SSL performance. And, there are significant benefits on CPU compute utilization, SSL connections per second, SSL throughput for both RSA and Elliptic Curve (ECC) cryptos using software. The solution can be deployed in leading software ecosystems.