A10 Brings the Thunder for DDoS Protection
Mitch Wagner, West Coast Bureau Chief, Light Reading
A10 introduced a security appliance to protect networks against DDoS attacks, claiming faster performance, a smaller form factor, and more simplified licensing than competition from Cisco and Juniper.
The Thunder SPE appliance is designed to provide up to 40% performance improvement over A10 Networks Inc. 's high-end 6430 system. The appliance runs A10's Security and Policy Engine, along with security and processing hardware to allow the appliance to continue providing full functionality even when the network is under high-volume DDoS attacks, without diminishing system performance, A10 says. The SPE appliance can handle 155 Gpb/s throughput.
The SPE appliance can perform any policy-based networking actions in hardware and can work in cloud environments where policies change frequently, A10 says.
The appliance is available immediately, priced at $164,000, and works with all A10 product lines.
A10 is also integrating DDoS protection into its Thunder CGN (Carrier Grade Networking) products, providing IPv4 address extension and IPv6 migration capabilities.
Kishore Inampudi, director product marketing for A10, says the SPE appliance offers superior performance in a much smaller form factor than Cisco Systems Inc. (Nasdaq: CSCO)'s competitive offerings, which require 7-8 RU to achieve the same performance as A10's 1 RU box, with associated increased power consumption and cooling costs for the Cisco unit. Juniper Networks Inc. (NYSE: JNPR)'s equivalent product also has a bigger form factor.
"Both Juniper and Cisco have bigger form factors, primarily because of their business model," he says. "They are selling a router or switch to solve this problem." Cisco and Juniper use blades to add additional capabilities.
Both Cisco's and Juniper's licensing are more complex than A10's, Inampudi says. Cisco offers a multi-protocol pricing plan, while Juniper prices are based on performance levels.
A10 introduced Thunder Series Layer 4-7 network appliances designed to help operators make the transition to 100G and IPv6 in April, and it entered the DDoS protection market in January. The company's IPO sputtered in March, but it said its revenues "leaped" in May. (See A10 Helps With 100G, IPv6 Transitions, A10 Enters DDOS Protection Market, A10 IPO Sputters Off the Ground, and A10 Networks Reports Revenues Leap in Q1 .)
The SPE appliance illustrates a potential problem for network functions virtualization -- performance. NFV calls for moving network capabilities, like DDoS protection, off appliances like the SPE and on to commodity servers. A potential problem with that proposition is that specialized appliances offer performance lacking in commodity servers. Appliances may simply be more suitable for carrier networks. Broadcom is touting a hybrid approach for that reason. (See Broadcom Touts Hybrid Hardware Approach to NFV.)