& cplSiteName &

A10 Brings the Thunder for DDoS Protection

Mitch Wagner
7/15/2014
50%
50%

A10 introduced a security appliance to protect networks against DDoS attacks, claiming faster performance, a smaller form factor, and more simplified licensing than competition from Cisco and Juniper.

The Thunder SPE appliance is designed to provide up to 40% performance improvement over A10 Networks Inc. 's high-end 6430 system. The appliance runs A10's Security and Policy Engine, along with security and processing hardware to allow the appliance to continue providing full functionality even when the network is under high-volume DDoS attacks, without diminishing system performance, A10 says. The SPE appliance can handle 155 Gpb/s throughput.

The SPE appliance can perform any policy-based networking actions in hardware and can work in cloud environments where policies change frequently, A10 says.

The appliance is available immediately, priced at $164,000, and works with all A10 product lines.

A10 is also integrating DDoS protection into its Thunder CGN (Carrier Grade Networking) products, providing IPv4 address extension and IPv6 migration capabilities.

Kishore Inampudi, director product marketing for A10, says the SPE appliance offers superior performance in a much smaller form factor than Cisco Systems Inc. (Nasdaq: CSCO)'s competitive offerings, which require 7-8 RU to achieve the same performance as A10's 1 RU box, with associated increased power consumption and cooling costs for the Cisco unit. Juniper Networks Inc. (NYSE: JNPR)'s equivalent product also has a bigger form factor.

"Both Juniper and Cisco have bigger form factors, primarily because of their business model," he says. "They are selling a router or switch to solve this problem." Cisco and Juniper use blades to add additional capabilities.

Both Cisco's and Juniper's licensing are more complex than A10's, Inampudi says. Cisco offers a multi-protocol pricing plan, while Juniper prices are based on performance levels.

A10 introduced Thunder Series Layer 4-7 network appliances designed to help operators make the transition to 100G and IPv6 in April, and it entered the DDoS protection market in January. The company's IPO sputtered in March, but it said its revenues "leaped" in May. (See A10 Helps With 100G, IPv6 Transitions, A10 Enters DDOS Protection Market, A10 IPO Sputters Off the Ground, and A10 Networks Reports Revenues Leap in Q1 .)

The SPE appliance illustrates a potential problem for network functions virtualization -- performance. NFV calls for moving network capabilities, like DDoS protection, off appliances like the SPE and on to commodity servers. A potential problem with that proposition is that specialized appliances offer performance lacking in commodity servers. Appliances may simply be more suitable for carrier networks. Broadcom is touting a hybrid approach for that reason. (See Broadcom Touts Hybrid Hardware Approach to NFV.)

— Mitch Wagner, Circle me on Google+ Follow me on TwitterVisit my LinkedIn profileFollow me on Facebook, West Coast Bureau Chief, Light Reading. Got a tip about SDN or NFV? Send it to wagner@lightreading.com.

(3)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
jabailo
50%
50%
jabailo,
User Rank: Light Sabre
7/15/2014 | 2:18:05 PM
Re: How...?
I guess a dumb DDOS attack would be -- single computer calling their server repeatedly.

Semi-smart would be multiple computers.

Super smart would be multiple computers with bots using staggered time schedules to simulate real users.

Of course, it would have to be a site that a person would call multiple times per day, or else you could just count the number of requests per IP address and shut down access at the firewall.

 
Mitch Wagner
50%
50%
Mitch Wagner,
User Rank: Lightning
7/15/2014 | 1:09:12 PM
Re: How...?
jabailo - Good question. I presume there is some kind of pattern to the attacks which smart protection systems can discern. 

One brute-force method of protecting against attacks is to just pile on more network capacity. That does not seem to be what's happening here.
jabailo
50%
50%
jabailo,
User Rank: Light Sabre
7/15/2014 | 10:35:17 AM
How...?
How exactly can you protect against DDOS attacks?   Don't they come as standard requests but from bots installed on client systems all over the Internet?  How would you distinguish say, a DDOS call to your home page from a user just browsing it?

 
Featured Video
From The Founder
Light Reading founder Steve Saunders grills Cisco's Roland Acra on how he's bringing automation to life inside the data center.
Flash Poll
Upcoming Live Events
February 26-28, 2018, Santa Clara Convention Center, CA
March 20-22, 2018, Denver Marriott Tech Center
April 4, 2018, The Westin Dallas Downtown, Dallas
May 14-17, 2018, Austin Convention Center
All Upcoming Live Events
Infographics
SmartNICs aren't just about achieving scale. They also have a major impact in reducing CAPEX and OPEX requirements.
Hot Topics
Here's Pai in Your Eye
Alan Breznick, Cable/Video Practice Leader, Light Reading, 12/11/2017
Verizon's New Fios TV Is No More
Mari Silbey, Senior Editor, Cable/Video, 12/12/2017
Ericsson & Samsung to Supply Verizon With Fixed 5G Gear
Dan Jones, Mobile Editor, 12/11/2017
Juniper Turns Contrail Into a Platform for Multicloud
Craig Matsumoto, Editor-in-Chief, Light Reading, 12/12/2017
The Anatomy of Automation: Q&A With Cisco's Roland Acra
Steve Saunders, Founder, Light Reading, 12/7/2017
Animals with Phones
Don't Fall Asleep on the Job! Click Here
Live Digital Audio

Understanding the full experience of women in technology requires starting at the collegiate level (or sooner) and studying the technologies women are involved with, company cultures they're part of and personal experiences of individuals.

During this WiC radio show, we will talk with Nicole Engelbert, the director of Research & Analysis for Ovum Technology and a 23-year telecom industry veteran, about her experiences and perspectives on women in tech. Engelbert covers infrastructure, applications and industries for Ovum, but she is also involved in the research firm's higher education team and has helped colleges and universities globally leverage technology as a strategy for improving recruitment, retention and graduation performance.

She will share her unique insight into the collegiate level, where women pursuing engineering and STEM-related degrees is dwindling. Engelbert will also reveal new, original Ovum research on the topics of artificial intelligence, the Internet of Things, security and augmented reality, as well as discuss what each of those technologies might mean for women in our field. As always, we'll also leave plenty of time to answer all your questions live on the air and chat board.

Like Us on Facebook
Twitter Feed