DDoS Detection, Mitigation, Orchestration, and Threat Intelligence
Consolidated Security & CGNAT
TLS/SSL Inspection
Web Application Firewall
Application Security & Load Balancing
Analytics & Management
CGNAT & IPv6 Migration
Years ago, when I first started working with load balancers, I would talk about how load balancing was the basis for all application delivery controllers (ADCs). We can still have a technical discussion about the benefits of different load-balancing algorithms like least connection vs. round robin vs. slow start, etc. but what separates a load balancer from an ADC is the ability to accelerate traffic and optimize back-end resources.
While many features and functions have been added to ADCs over the years, the design and functionality requirements have recently changed. In part, this change has gone in a different direction than many of us expected. For years, I would visit customers touting the fact that we now had the fastest, highest capacity, and most virtual instances or the best ability to off-load IO functions from the back-end hardware
The advent of the cloud and the changing role of DevOps in infrastructure design has changed everything. First, size and capacity no longer matter in cloud environments because the design of first choice is a single soft ADC instance per application. Reducing the overhead on back-end server resources by off-loading IO-intensive functions is not as attractive as it used to be because cloud environments offer unlimited resources on-tap. This apathy toward optimizing the use of back-end resources is part reason that costs of using the cloud is out of control but that’s a different discussion.If the traditional pitch of “half the price/twice the performance” isn’t the driver for enterprises today, what is? Now, it is more often a combination of four things:
In the age of Agile-driven DevOps and the public cloud, ease of procurement and acquisition is often king. In many cases, ADC buyers, specifically developers, have avoided traditional manufacturers in favor of cloud-native solutions like AWS Elastic Load Balancing. This is done for many reasons, but primarily, it is time, complexity and rigidity involved in purchasing a usable cloud instance.
To illustrate this point, AWS load balancing, which is only available for AWS, has grown in market share to over 20 percent. While this makes sense given that AWS is the largest cloud provider, consider that when Elastic Load Balancing was first released, it didn’t even offer basic features like session persistence. Therefore, developers had to build it into each and every app separately. This slowed developers down but the ease of acquisition and, in some cases, lack of knowledge about traditional ADC functionality drove the decision to buy from their cloud provider rather than a traditional ADC vendor.
The good news for the traditional players is that most large enterprises have embraced a hybrid approach where some of their resources are in a cloud (and usually more than one) and some are still in the corporate data center. This disaggregation of the data center along with the rise of DevOps has led to some interesting management challenges — different technology inside multiple data centers and clouds. The traditional ADC players have finally brought products to market and developed licensing models that address the ease of procurement, ease of use and the dynamic nature of Agile DevOps. These all-you-can-eat and flexible licensing models allow companies to spread capacity and instances as needed to meet these challenges while retaining a corporate standard and knowledge base. In many cases, these models are superior to what the cloud-native solutions offer both in terms of flexibility and definitely in terms of functionality.
Five years ago, the three largest ADC manufacturers held more than 87 percent of the entire global ADC market. Lack of knowledge and increased complexity have changed the landscape and new competitors have come along with innovation to service new buyers.
An enterprise ADC can do many things but if you don’t know what it can do, you likely won’t take advantage of its full capabilities. Additionally, if the technology is too complicated, networking teams will look elsewhere. This has resulted in the disaggregation of functionality, which has happened over time. The lack of session persistence in Elastic Load Balancing is such an example.
Ease of use has reached another inflection point. Ease of use is, itself, undergoing a next-generation moment. Why? Because the ADC is the natural control point among applications, infrastructure and the network. This is even more the case in container-based infrastructures where the container’s built-in load balancer is a key component in scaling up and down. I will address this further under extensibility.
For the past 20 years, visibility has been a growing topic in the ADC space. In fact, some of today’s largest application performance management (APM) and network visibility companies formed out of traditional ADC vendors. Unfortunately, none of the ADC vendors truly embraced the ADC’s unique place in the network to build a full performance monitoring solution until the last few years. With the development of basic SLA management, ADC vendors could observe deviations from the normal response times and then direct administrators towards the network, the client or the back-end systems. But this information wasn’t very specific. For example, the SLA manager might say that the back-end system was the problem but that’s all the information it would supply. This might meet minimum requirements, but the team wouldn’t know if it was the database tier, the web front-end or if it was a hardware or software problem, let alone a code, operating system, etc. It’s a bit like taking your car to the mechanic and asking what the problem is and the answer is, “we narrowed it down to the engine.” Well, at least we know it’s not the wheels.
While the need for visibility is clearly self-evident, the growth of DevOps, public clouds and containers has spawned an increased need for greater agility, as well. This, in turn, is pushing us towards full automation and intent-based networking. Actionable intelligence is the key; the telemetry we collect becomes the basis for making intelligent IT decisions. The ADC is the ideal place to see both the front-end network and back-end systems performance. In our application-driven world, the ADC is the ideal orchestration point.
As impressive as the visibility it is for improving application availability, it is only so valuable on its own.
The innovation taking place today is around making this telemetry actionable and creating a pre-built easy to use platform that integrates with third parties. This ability to have your ADC act as an IT orchestrator can be a game changer. It is in the ideal location to observe and fix performance problems by alerting or resolving configuration or resource issues (network, systems and security), changing routes for optimal access and providing detailed KPIs, etc. In the past, ADCs could limit our cost exposure by enhancing the capacity of our limited resources, including servers and storage, in the private data center. Today, they can limit our financial exposure by right-sizing our elastic resources.
The key take-away is that the benefits derived from a true enterprise-class ADC are more applicable than ever and the value derived in terms of time-to-market, stability, visibility and manageability can be immense. It is critical for networking teams to do their research and choose an ADC with current and future states in mind. Look for a solution that is flexible in capabilities, pricing and acquisition. Make sure it has good visibility and a vision that this visibility is something you can take action on. Lastly, choose a company that has a clear vision for innovation and little product overlap. Too many times, we have seen large companies make acquisitions and fail to integrate the solutions.
Look for the one company that can offer it all:
To learn more about A10 Networks Thunder ADC, please visit the Thunder ADC product page.
Daniel Lakier is the director of network solutions at Myriad360. He has been in the greater technology industry for more than 20 years. During that time, he has worked in multiple verticals including the energy, manufacturing and healthcare sectors. Lakier enjoys new challenges and as such has enjoyed several different roles in his career from hands-on engineering to sales and leadership roles. He continues to be involved in helping several technology startups reach their potential. Lakier regularly publishes blogs and articles on topics such as simplifying seemingly complex IT and compliance to educate line of business executives. When he isn’t at the office, he enjoys the outdoors and chasing his wonderful daughters.
About Myriad360
Myriad360 is an A10 Networks partner. The company delivers industry-leading technology solutions to transform and secure its clients’ IT strategy, infrastructure, and business. To learn more about Myriad360, visit https://myriad360.com/
Learn more about A10’s products and solutions: