Application delivery controller maker A10 Networks today announced the release of its A10 Thunder TPS (threat protection system) box, which is capable of 155 Gbps of throughput and is meant to defend against the large-scale distributed denial of service attacks typically leveled against public-facing Web sites.
The product is the latest addition to A10’s Thunder Unified Application Service Gateway series of products announced early last year.
For now, A10 will offer three Thunder TPS models: The Thunder 4435 TPS with 38 Gbps of throughout and 16×10 GbE ports; the Thunder 5435 TPS with up to 77 Gbps throughput and available with 16×10 GbE ports or 4×40 GbE ports; and the Thunder 6435 TPS with up to 155 Gbps throughout and a dual Intel Xeon set of chips that have 20 processor cores.
“DDoS attacks like SYN Flood and Fragmentation attacks are rapidly evolving to becoming a big numbers game, with malicious bots or zombie machines directing massive amounts of traffic in unison toward target victims,” said Lee Chen, A10 CEO, in a statement. “Effective DDoS solutions must be able to mitigate at equally massive scale and performance to prevent service interruption.”
Legacy security solutions, such as firewalls and Intrusion Detection Systems (IDS) have insufficient capacity to mitigate today’s multi-vector DDoS attacks at scale, according to A10. With DDoS mitigation capacity ranging from 38 Gbps to 155 Gbps (and up to 1.2 Tbps in a cluster) throughput, Thunder TPS is designed to provide protection against large attacks.
Each Thunder TPS model is equipped with high-performance FPGA-based Flexible Traffic Acceleration (FTA) technology to detect and mitigate over 30 common attack vectors rapidly in hardware, without degrading the performance of the core system general purpose CPUs.
More complex application layer (L7) attacks (HTTP, SSL, DNS etc.) are processed and detected by the Intel Xeon CPUs, so performance scaling is maintained by distributing multi-vector detection and mitigation functions across optimal system resources, A10 said.
The bot threat
Some of the most serious threats networks face today are "bots," remotely controlled robotic programs that strike in many different ways and deliver destructive payloads, self propagating to infect more and more systems and eventually forming a "botnet."