A10 Networks Debuts Thunder DDoS Hardware

Up to 155 Gbps of throughput on a single A10 box will soon be available to help defend against Distributed Denial of Service attacks.

By Sean Michael Kerner | Posted Jan 14, 2014
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

A10 Networks today announced the latest evolution of its networking portfolio, the Thunder TPS series.

The Thunder TPS is an expansion of A10's Thunder Unified Application Service Gateway lineup, which the vendor first announced in July of 2013.

Initially, A10 will offer three Thunder TPS boxes, starting with the Thunder 4435 A10 Thunder TPSTPS, which provides 38 Gbps of throughput and includes 16 x 10 GbE ports. The Thunder 5435 TPS will deliver up to 77 Gbps of throughput and also includes 16 x10 GbE ports, as well as 4 x 40 GbE ports. The big box is the Thunder 6435 TPS, which delivers up to 155 Gbps and is powered by a dual Intel Xeon set of chips that have 20 processor cores in total.

"Up to 8 Thunder 6435s can be clustered together for a combined throughput of over 1 Tbps," Jason Matlof, VP of marketing at A10 Networks, explained to Enterprise Networking Planet. "A common management console called a Galaxy implements a VCS, which is our virtual chassis system that synchronized configuration and state across all the devices."

The Thunder TPS series leverages the same ACOS operating system used in the regular Thunder boxes. ACOS is a Linux-based networking operating system. For the Thunder TPS, Matlof said that the boxes use the same ACOS, but with different licensed features.

A key capability of of the TPS is its ability to defend against volumetric DDoS attacks, as well as other forms of attack.

"We have dozens of different attack vectors we support, including volumetric, protocol, resource and application attacks," Matlof said. "75 percent of DDoS attacks are volumetric, but a significant percentage are resource attacks on the application stack."

The Thunder Unified Application Service Gateway lineup also provides security capabilities, though Matlof noted that the deployment use-case is different.

"A traditional ADC (Application Delivery Controller), like our Thunder ADC line, sits in the data center and proxies application traffic on a VIP (virtual IP) in front of a server farm," Matloff explained. "Thunder TPS is built and optimized to sit at the network perimeter and provide network-wide protection, without being restricted to a VIP, with support for 64,000 protected objects/networks, and support for multiple different network topologies."

Vs. Cloud

When it comes to defending against DDoS attack, one of the emerging trends in recent years has been a move to cloud-based services from vendors like Akamai, CloudFlare and Incapsula.

"We don’t disagree that these attacks can be prevented effectively by cloud providers," Matlof said. "We plan to serve extremely large enterprises (SaaS, Financial, Web Giants) as well as SPs and MSPs that provide DDoS scrubbing services."

He added that "some enterprises are rolling their own, and some are going the SP route, so we are neutral in our approach and anticipate selling to both."

Sean Michael Kerner is a senior editor at Enterprise Networking Planet and InternetNews.com. Follow him on Twitter @TechJournalist

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter