A10 ships new iron, OS

Layer 4 connections per-second-per-Watt as a measure of green, anyone?

By Richard Chirgwin, 2nd May 2013

Email delivery: Hate phishing emails? You'll love DMARC

A10 Networks has announced new gateway devices and a revision to its ACOS operating system.

The three new chunks of metal are the 6430 / 6430S (same unit, with and without SSL support) and the half-the-power, half-the-price 5430S.

A10's director of product marketing Paul Nicholson introduced El Reg to yet another measure of green-ness, the number of Layer 4 connections per second per Watt it will support, a measure that seems to have less-than-ubiquitous support.

However, some of the measures in the Thunder kit come more readily to hand: the 6430S supports 150 Gbps throughput, handles 5.3 million Layer 4 connections per second, and has enough grunt to handle 1,024 tenants. The SSL-supporting version can run more than 130,000 new SSL connections per second.

For those without the $US229,000-plus (add $US40,000 to include SSL), the 5430S is a fifty-fifty tradeoff, with performance and price both more-or-less halved: 2.8 million layer 4 connections per second, and 67,000 SSL CPS at $US139.995.

The other thing the company is keen on pointing out is the small form factor, with the 6430 a single RU high. Nicholson also pointed to the “no moving parts” philosophy – or nearly none, and the fans are fully hot-swappable.

For DDoS defence, the 5230S unit claims the capacity to get in the way of 113 million SYN cookies per second, while the 6230S stops 212 million.

That feature, along with the new Web application firewall capabilities and authentication services, have been added to the A10 ACOS operating system with no extra license fees.

The authentication services, Nicholson said, are designed to simplify cases such as where different security is applied to internal and external users – such as a company Wiki, where someone outside the firewall has to authenticate, but not someone connected to the corporate LAN.

Authenticating at the Wiki's server, he pointed out, presents a risk, since if there's a vulnerability on the server, it's exposed to the outside world. So A10's position is that if the user has to authenticate to get past the Thunder device, they never get as far as the server.

“You're shifting the authentication away from a Web server's known exploits”, he told The Register. ®

5 ways to reduce advertising network latency

5 Reader Comments

Microsoft’s Cloud OS

System Center Virtual Machine manager and how this product allows the level of virtualization abstraction to move from individual physical computers and clusters to unifying the whole Data Centre as an abstraction layer.

5 ways to prepare your advertising infrastructure for disaster

Being prepared allows your brand to greatly improve your advertising infrastructure performance and reliability that, in the end, will boost confidence in your brand.