Choosing The Right ADC Deployment Model

May 26, 2021

Today there are more deployment models than ever before for load balancing and application delivery. The trick is know which one, or which combination of these models, is the best fit for your needs. As in any choice in networking deployment models, there can be trade-offs that need to be evaluated carefully – typically performance versus agility, at the first-order level. Following are some quick rules-of-thumb.

If you are building your IT or application infrastructure in a public cloud such as AWS or Azure, virtual load balancers with utility consumption make a lot of sense. Bring load balancing capabilities up or down as needed, on the fly, while paying only for what you use. Or, you can use a Bring Your Own License (BYOL) model, depending on your needs.

If you have built a private cloud, and have invested heavily in virtual servers and infrastructure, virtual load balancers with perpetual licenses will give you maximum agility with the biggest bang for the buck. Virtual load balancers with perpetual licenses are also good to have on hand for development and non-production environments. Array’s virtual ADCs can also be ordered on a monthly or annual subscription model for even more flexibility.

Where there is high-volume traffic and/or where there is heavy utilization of compute-intensive functions such as SSL offloading, traffic inspection or complex scripts, dedicated hardware remains the preferred solution. In these cases, scaling out using general-purpose servers and virtual load balancers is simply not efficient or cost-effective. Array’s dedicated ADCs also support multi-tenancy through virtual IPs (VIPs) for use cases where multiple end-customers or communities of interest are involved.

Dedicated ADCs can also be used to augment virtual load balancers in situations where the agility of virtual is required, but SSL processing needs outstrip the capabilities of the software SSL resources provided by virtual ADCs. Using a hybrid model, the heavy lifting of SSL offloading can be outsourced from the virtual ADCs to one or more dedicated load balancers, preserving the agility of the virtual model while augmenting it with the hardware SSL resources present in dedicated ADCs.

For use cases where it is necessary to support more than one customer or application and where performance and scalability remain a primary consideration, virtualized dedicated hardware becomes a compelling solution. For instance, in a public or private cloud, where customers or business-critical applications have SLAs, using a virtualized appliance provides cost efficiencies, cloud agility and the ability to ensure guaranteed performance in a shared environment.

In recent years, it has become increasingly common to mix these deployment models. For example, dedicated hardware is installed in a private data center with burst capability to a public cloud platform that features virtual load balancing with utility consumption. Or, dedicated hardware is used for production traffic, and virtual load balancing with perpetual licenses is used for development and testing.

In addition, the recent rise in SSL-encrypted traffic has made load balancing ever more important for enterprise networks. Often, in-depth inspection appliances – whether virtual or dedicated – lack the ability to decrypt SSL traffic, with the result that this traffic bypasses inspection, posing a risk to corporate networks and sensitive business information. By using Array’s SSL Intercept capability, in virtual, dedicated, or virtualized appliances, encrypted traffic can be decrypted and passed through to security appliances, then re-encrypted if required before proceeding to its final destination.

As the market stands, physical and virtual load balancers and application delivery appliances are driving purchase decisions in most cases, with public cloud and virtualized hardware solutions acting as capabilities customers are looking for in order to ensure they are purchasing a future-proof solution.

With the advent of highly processor intensive applications and protocols (like 2048-bit SSL), load balancing is increasingly a necessity in enterprise networking environment. These tips, as well as a careful evaluation of your organization’s needs, can serve as a guideline for your next application delivery controller deployment.

Paul Andersen

Mr. Andersen has more than 20 years of high-tech industry experience, and has previously served in various roles at Cisco Systems, Tasman Networks and Sun Microsystems. He served as Senior Director of Marketing for Array Networks for more than ten years, leading critical positioning, sales generation and marketing efforts as well as sales training and partner marketing, enablement and management. Paul holds a Bachelor's Degree in Marketing from San Jose State University.