& cplSiteName &

A10 Brings the Thunder for DDoS Protection

Mitch Wagner
7/15/2014
50%
50%

A10 introduced a security appliance to protect networks against DDoS attacks, claiming faster performance, a smaller form factor, and more simplified licensing than competition from Cisco and Juniper.

The Thunder SPE appliance is designed to provide up to 40% performance improvement over A10 Networks Inc. 's high-end 6430 system. The appliance runs A10's Security and Policy Engine, along with security and processing hardware to allow the appliance to continue providing full functionality even when the network is under high-volume DDoS attacks, without diminishing system performance, A10 says. The SPE appliance can handle 155 Gpb/s throughput.

The SPE appliance can perform any policy-based networking actions in hardware and can work in cloud environments where policies change frequently, A10 says.

The appliance is available immediately, priced at $164,000, and works with all A10 product lines.

A10 is also integrating DDoS protection into its Thunder CGN (Carrier Grade Networking) products, providing IPv4 address extension and IPv6 migration capabilities.

Kishore Inampudi, director product marketing for A10, says the SPE appliance offers superior performance in a much smaller form factor than Cisco Systems Inc. (Nasdaq: CSCO)'s competitive offerings, which require 7-8 RU to achieve the same performance as A10's 1 RU box, with associated increased power consumption and cooling costs for the Cisco unit. Juniper Networks Inc. (NYSE: JNPR)'s equivalent product also has a bigger form factor.

"Both Juniper and Cisco have bigger form factors, primarily because of their business model," he says. "They are selling a router or switch to solve this problem." Cisco and Juniper use blades to add additional capabilities.

Both Cisco's and Juniper's licensing are more complex than A10's, Inampudi says. Cisco offers a multi-protocol pricing plan, while Juniper prices are based on performance levels.

A10 introduced Thunder Series Layer 4-7 network appliances designed to help operators make the transition to 100G and IPv6 in April, and it entered the DDoS protection market in January. The company's IPO sputtered in March, but it said its revenues "leaped" in May. (See A10 Helps With 100G, IPv6 Transitions, A10 Enters DDOS Protection Market, A10 IPO Sputters Off the Ground, and A10 Networks Reports Revenues Leap in Q1 .)

The SPE appliance illustrates a potential problem for network functions virtualization -- performance. NFV calls for moving network capabilities, like DDoS protection, off appliances like the SPE and on to commodity servers. A potential problem with that proposition is that specialized appliances offer performance lacking in commodity servers. Appliances may simply be more suitable for carrier networks. Broadcom is touting a hybrid approach for that reason. (See Broadcom Touts Hybrid Hardware Approach to NFV.)

— Mitch Wagner, Circle me on Google+ Follow me on TwitterVisit my LinkedIn profileFollow me on Facebook, West Coast Bureau Chief, Light Reading. Got a tip about SDN or NFV? Send it to wagner@lightreading.com.

(3)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
jabailo
50%
50%
jabailo,
User Rank: Light Sabre
7/15/2014 | 2:18:05 PM
Re: How...?
I guess a dumb DDOS attack would be -- single computer calling their server repeatedly.

Semi-smart would be multiple computers.

Super smart would be multiple computers with bots using staggered time schedules to simulate real users.

Of course, it would have to be a site that a person would call multiple times per day, or else you could just count the number of requests per IP address and shut down access at the firewall.

 
Mitch Wagner
50%
50%
Mitch Wagner,
User Rank: Lightning
7/15/2014 | 1:09:12 PM
Re: How...?
jabailo - Good question. I presume there is some kind of pattern to the attacks which smart protection systems can discern. 

One brute-force method of protecting against attacks is to just pile on more network capacity. That does not seem to be what's happening here.
jabailo
50%
50%
jabailo,
User Rank: Light Sabre
7/15/2014 | 10:35:17 AM
How...?
How exactly can you protect against DDOS attacks?   Don't they come as standard requests but from bots installed on client systems all over the Internet?  How would you distinguish say, a DDOS call to your home page from a user just browsing it?

 
Featured Video
From The Founder
Light Reading is spending much of this year digging into the details of how automation technology will impact the comms market, but let's take a moment to also look at how automation is set to overturn the current world order by the middle of the century.
Flash Poll
Upcoming Live Events
November 1, 2017, The Royal Garden Hotel
November 1, 2017, The Montcalm Marble Arch
November 2, 2017, 8 Northumberland Avenue, London, UK
November 2, 2017, 8 Northumberland Avenue London
November 10, 2017, The Westin Times Square, New York, NY
November 16, 2017, ExCel Centre, London
November 30, 2017, The Westin Times Square
May 14-17, 2018, Austin Convention Center
All Upcoming Live Events
Infographics
With the mobile ecosystem becoming increasingly vulnerable to security threats, AdaptiveMobile has laid out some of the key considerations for the wireless community.
Hot Topics
Muni Policies Stymie Edge Computing
Carol Wilson, Editor-at-large, 10/17/2017
Pai's FCC Raises Alarms at Competitive Carriers
Carol Wilson, Editor-at-large, 10/16/2017
Is US Lurching Back to Monopoly Status?
Carol Wilson, Editor-at-large, 10/16/2017
'Brutal' Automation & the Looming Workforce Cull
Iain Morris, News Editor, 10/18/2017
Worried About Bandwidth for 4K? Here Comes 8K!
Aditya Kishore, Practice Leader, Video Transformation, Telco Transformation, 10/17/2017
Animals with Phones
Selfie Game Strong Click Here
Latest Comment
Live Digital Audio

Understanding the full experience of women in technology requires starting at the collegiate level (or sooner) and studying the technologies women are involved with, company cultures they're part of and personal experiences of individuals.

During this WiC radio show, we will talk with Nicole Engelbert, the director of Research & Analysis for Ovum Technology and a 23-year telecom industry veteran, about her experiences and perspectives on women in tech. Engelbert covers infrastructure, applications and industries for Ovum, but she is also involved in the research firm's higher education team and has helped colleges and universities globally leverage technology as a strategy for improving recruitment, retention and graduation performance.

She will share her unique insight into the collegiate level, where women pursuing engineering and STEM-related degrees is dwindling. Engelbert will also reveal new, original Ovum research on the topics of artificial intelligence, the Internet of Things, security and augmented reality, as well as discuss what each of those technologies might mean for women in our field. As always, we'll also leave plenty of time to answer all your questions live on the air and chat board.

Like Us on Facebook
Twitter Feed
Partner Perspectives - content from our sponsors
The Mobile Broadband Road Ahead
By Kevin Taylor, for Huawei
All Partner Perspectives