We acquired the Thunder SSLi units when we got one of our content filters and needed to have the decryption in-line so that our content filter could see all of the traffic coming through and do what it needs to do for the rules that we had set up for it.

We had attempted to use built-in solutions within different content filters, but the amount of SSL traffic made it near impossible to keep the content filters online with the SSL decryption turned on. That's the primary reason we switched to A10. In fact, the content filter that we're using right now supports SSL decryption. However, it does not have the processing power to handle the load that the SSL puts on the device. So every time we had turned on SSL decryption on that appliance, the appliance crashed and internet traffic was no longer filtered, and it took us a little while to get everything back online.

SSL decryption was one of the biggest pieces that we took advantage of. We originally tried to do SSL decryption through our firewalls. Because of our size, we currently support over 67,000 customers with over 80,000 endpoint devices (between students and staff). The previous configuration could not handle that traffic. It could not decrypt fast enough. When we went with the A10 solution, we were able to overcome those challenges. We are currently able to successfully decrypt at a rate that has minimal to no impact on our end users.

Last year, we identified a need within the district to shore up some security shortcomings and consolidate some of our efforts. That is when we went out to look for a device that could meet our requirements. It has been about a year since the closing of the competitive bid and procuring the device.

The previous solution that we had couldn't handle our throughput. Our content filter hits 94 terabytes a week, and we are filtering out 4.5 petabytes annually. That is just external web traffic. By virtue of the metrics alone, I have been impressed with the A10.

Also, the previous solution didn't have separated individual cards for decryption. Therefore, our extensive traffic was throttling that device and bogging down the entire network. That's why we had to go out and find a dedicated SSLI solution.

Operationally and organizationally, A10 has made one huge impact. Our previous solution required a bit of cross functionality between three teams: my team and the infrastructure team, networking along with servers, and application and application development. By using the A10, we have been able to get rid of that legacy equipment. Now, it solely resides within the network operations team. Procedurally and policy-wise, it's been a huge change because it's allowed it to leverage its capabilities and put it under the purview of one team. It has decreased ticket time and increased response time. We are more proactive with this solution.

We use a COBIT framework. Even though it resides under my purview, we're still supported by the other two teams. I take responsibility, but have accountability, consulting, and information that is shared between the three teams. It makes it much simpler for my team to be able to take action. We are still cross-functional, but it streamlines the ticket assignment.

In terms of support for our on-premise applications, we were doing SSL interception before, but we were doing it on several security boxes. For example, our firewall was doing SSL interception, and our proxies used to do SSL interception. Now we just have A10 doing that SSL interception.

The driver for looking at a solution like SSLi was that we were always doing SSL interception on our proxies. But then, we changed our firewalls and they had new features like threat prevention, application control, IPS — those kinds of security features. Also, our dedicated IPS was changed and our SSL traffic was increasing every single day.

Three or four years ago, our SSL traffic was something like 50 to 60 percent of our entire internet traffic. Now, SSL traffic is 90 percent because all the applications go to an encrypted, secure environment. That's what drove us to find a complete SSL solution, instead of doing every single security device separately. With the increase in SSL-encrypted traffic, we definitely needed something to manage this operation with one dedicated device.