What is an Application Delivery Controller (ADC)?

A10 Networks Blog

Application Delivery Networking

Application delivery networking is the practice of creating a framework of technologies that work together to provide the appropriate levels of application availability, security, visibility, and acceleration to networked applications. These application delivery networking technologies feature their own proprietary CPUs and generally reside at the network endpoints. They enhance the delivery of applications across the Internet via a variety of optimization techniques.

What is an Application Delivery Controller?

As the name describes, an Application Delivery Controller (ADC) delivers application services and controls communications between clients and application servers. The term controller, in this context, is the function of managing (or controlling) the flow of data between computing systems, such as client devices and application services, optimizing application performance, availability and security.

ADCs Act as a Reverse Proxy

Client requests interact with the ADC, and the ADC, acting as a reverse proxy, interacts with application servers on the client’s behalf. Since the ADC is in the data path, application acceleration, monitoring, management and security services can be performed in-stream.
The diagram below shows a common configuration, with the ADC residing in the DMZ network subnet, inspecting and securing network access from clients residing on the Internet.

Commond ADC Configuration within DMZ

Commond ADC Configuration within DMZ

Application Delivery Controller Services

Server Load Balancing (SLB)

Server Load Balancers are a standard part of many enterprise and cloud infrastructures. SLB systems provide application:

Health Monitoring

Since ADC’s are in the data path between clients and applications, they have visibility of application behavior and performance. ADC systems can health check, monitor, analyze and log client requests coming to the application as well as the application responses. This visibility is often only available easily to the end user, often after receiving performance issues. ADC systems can monitor and analyze application or server bad behaviors as these occur.

Application Acceleration

Application acceleration uses a number of technologies to improve application performance and response time over network connections. Such techniques include data compression, caching, connection multiplexing, and traffic shaping.
Acceleration technologies include network optimization. Network optimization overcomes network issues such as WAN latency, packet loss, and bandwidth congestion. Network optimization also addresses challenges that adversely affect application performance such as “chatty” protocols, e.g. HTTP and CIFS/SMB, and inefficiencies in TCP/IP stack implementations.

SSL Offloading

ADC often have SSL offloading capabilities to move the load of terminating SSL sessions from the application server to the ADC. The ADC removes load from application servers, which often perform SSL operations in software, and performs this operation in SSL hardware platform residing in the ADC platform.

DDoS Protection

DDoS attacks are increasing in frequency three to four times year after year. These attacks cause serious disruption to businesses, often costing millions of dollars.
ADC platforms often offer DDoS prevention and mitigation systems that block attacks at the edge of the network, preventing these attacks from reaching the application servers. When the ADC has SSL offload enabled, DDoS attacks using SSL tunneled traffic can be detected and blocked safely at the ADC, without exposing applications and servers.


ADCs have been deployed to protect, load balance and ensure availability for critical DNS infrastructure by Internet and DNS service providers.
Challenges in protecting and optimizing DNS infrastructure

Reduce load for protected servers (up to 70%)

Increased security for backend servers

Web Application Firewall

Some ADC products built in a Web Application Firewall (WAF). A WAF is used to protect against web attacks and shield applications from security vulnerabilities. These security threats include Cross-site scripting (XSS), SQL injection, cookie poisoning, data form overruns, and various mal-formed HTTP packets. Some vendors include this feature with the ADC license.

Central Authentication

Application Delivery Controllers can act as a central authentication point. Clients can send their authentication session to the ADC which then is responsible for verifying authentication and authorization. ADC systems can interface with a variety of AAM systems. Providing central authentication services offloads the application servers from this processing load and reduce complexity in the application environment.

Multi-Tenancy Support

SDN and multi-tenancy networks are complex and require network systems to be aware of these new protocols and technologies. Overlay SDN protocols such as VxLAN and NVGRE encapsulate IP data streams. Network devices, such as ADC systems, are often required to see inside these encapsulated network streams to properly control and steer traffic.

Related Terms

How A10 Networks Can Help

The A10 Networks line of Application Delivery Controllers is designed to help organizations simplify and streamline their approach to application delivery networking.

Learn how Delta Dental assured application availability, performance, and integrated security with the A10 Thunder ADC.

Robert Keith
July 10, 2018

About Robert Keith

Robert has 30 years of experience in IT technology development and infrastructure management. He was the founder of several infrastructure ventures including Intellivence, MaxSP, Sentrik and most recently was the CTO of Iron Networks. As CTO of Iron Networks in San Jose, CA, he worked directly with many companies in the Silicon Valley to design and architect network, security, and cloud solutions. He worked directly with Microsoft engineering in the design of their cloud architectures including storage, Hyper-V, Systems Center and Virtual Networking. He also worked directly with Hortonworks to design a Hadoop deployment and management system using CentOS and many layered software packages. READ MORE