The hottest protection enterprise data center A10

2022-09-22
  • Detail

Protect enterprise data center A10 launches thunder ADC

at present, data center servers are the target of various malicious attacks. Network criminals use existing attack kits and massive BOT viruses to launch distributed denial of service (DDoS) attacks to invade data center servers. Steal important data by executing web attacks such as SQL injection and cross site scripting. At the same time, DNS servers can also be used to launch large-scale DNS image attacks against dissidents, competitors and extortion objects. In order to cover up malicious behavior, attackers use SSL to encrypt communication and attack blind spots in enterprise security defense measures

a10 thunder application delivery controller (ADC) product line can help enterprises protect data center infrastructure from threats. Thunder ADC can be deployed in the front end of important assets in the data center to accelerate the application, ensure the high availability of the application, and the most important thing is to ensure the security of the application. Because thunder ADC can protect applications and users at the same time, it has become a key component of enterprise data center security strategy

protect enterprise data center assets

in order to protect the data center infrastructure from attacks, enterprises need to be able to mitigate multiple attack vectors, And provide excellent applications "In fact, the right place for garbage is the solution for resource performance. Thunder ADC fully meets the needs of enterprises: using shared memory architecture, 64 bit scalability and advanced stream processing functions, it accelerates and optimizes the application performance of data centers, while achieving the most advanced security testing.

thunder ADC application delivery controller provides application acceleration, high availability and security for enterprises of all sizes. A10 networks' advanced core The operating system (ACOS) platform uses a high-speed shared memory architecture. Based on this platform, thunder ADC can provide excellent performance and support users' future scalability and functional requirements

with the increasing attention of malicious users to data center servers, A10 networks focuses on developing the best defense measures to deal with data center security threats. Make its ADC include multiple defense measures that can protect the infrastructure of the data center:

DDoS Defense Measures

Web application firewall (WAF)

DNS application firewall (DAF)

SSL interception (SI)

SSL offload

application access management (AAM)

due to the increasingly serious risks faced by enterprises, security is no longer an option for enterprises, but a necessary choice for enterprises. Therefore, all A10 thunder ADC series devices can provide all the above safety functions without additional cost support. This is only one of the advantages of A10's overall solution

with the help of unbreakable DDoS Defense Measures to prevent server downtime

with the increase of DDoS attack intensity and the adoption of new tools and automation technology by attackers, in order to better cope with the above changes of attacks, enterprises need to build defense measures inside their data centers. Although external DDoS mitigation services can play a role, there are still many services that cannot intercept advanced application layer DDoS attacks or successfully detect attacks hidden in SSL traffic. Moreover, enterprises need to realize the visibility and control functions of local security solutions

it provides multi-layer defense measures to mitigate application, network and multi carrier DDoS attacks. Its processing capacity is extremely high, and it can easily deal with large-capacity attacks such as TCP, UDP or ICMP flooding. A10's unique flexible traffic accelerator (FTA) technology provides scalable traffic allocation and fast security processing functions, such as high-speed filtering of DDoS attacks. FTA technology can be applied to all thunder ADC modules, and specific thunder ADC modules also include FTA processing functions that can optimize hardware. Relying on the FTA processing process based on hardware and realizing expansion, a single device can process more than 200 million syn packets per second, and can also use CPU resources to mitigate more complex attacks

rely on easy to manage web application firewall to intercept web attacks

hackers can continue to attack enterprise stations through SQL injection, cross site scripting and cross site request forgery. If there is no special attack defense measures, hackers can successfully break through the vulnerabilities of enterprise sites and steal data, which will bring expensive security gaps to enterprises and affect the brand image of enterprises

unfortunately, at present, many enterprises still do not have the correct security awareness. They believe that the enterprise network firewall and intrusion prevention system are enough to deal with the threat of the application layer. Unfortunately, these general security products cannot provide fine-grained or dedicated defense measures that can intercept advanced web attacks. In order to better protect web applications, enterprises urgently need to deploy web application firewalls

it contains a fully functional web application firewall certified by ICSA, which can intercept web attacks before they reach vulnerable applications. Thunder ADC can be deployed in front of the web server as a reverse proxy to check web requests and withdraw them in time for more agile response. It can also intercept, clean up Web attacks or send early warning information. In order to mitigate a wide range of Web attacks, it uses multi-layer defense measures, and fully conforms to the payment card industry (PCI) 6.6 standard

use SSL to unload and protect sensitive data

since June 2013, the cobalt price of NSA whistleblower Edwar has continued to rise. D snowd's process by-product must establish a resource recycling system. En since the disclosure that NSA is secretly spying on citizens, people have paid more and more attention to privacy, and the use of SSL is also soaring. Therefore, from search engines to social media, to file sharing stations, many stations now provide versions that support SSL. SSL is already everywhere and not just used to eliminate credit card transactions

compared with 1024 bit certificates, 2048 bit SSL certificates require about 3.4 times the encryption processing capacity and 6.3 times the decryption capacity. With the increase of SSL use, transactions from 1024 bit to 2048 bit SSL keys also increase the burden on Web servers that support SSL. At present, 4096 bit key length certificates account for 20% of all certificates in the Certification Center (CAS). With the continuous increase of SSL key length, enterprise stations supporting SSL need to deploy a secure and scalable scheme to realize SSL encryption unloading on Web servers

when thunder ADC is deployed as a proxy service, it can not only uninstall the SSL processing function from the web server, but also improve the application performance, deliver ultra fast SSL performance, and reduce the web loading time. Its high-end products are equipped with a dedicated security processor, which supports 2048 bit SSL throughput of more than 40Gbps

Copyright © 2011 JIN SHI